{"id": "FEDORA_2014-0136.NASL", "bulletinFamily": "scanner", "title": "Fedora 19 : python-libcloud-0.13.3-1.fc19 (2014-0136)", "description": "Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-01-13T00:00:00", "modified": "2015-10-19T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=71916", "reporter": "Tenable", "references": ["http://www.nessus.org/u?085b9529", "https://bugzilla.redhat.com/show_bug.cgi?id=1047867"], "cvelist": ["CVE-2013-6480"], "type": "nessus", "lastseen": "2019-02-21T01:20:36", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:python-libcloud"], "cvelist": ["CVE-2013-6480"], "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "eb0b5c9773800466161205da76347ba7235c4c91e19d6ca36d704fc9c4fece46", "hashmap": [{"hash": "8eaaf28e1cf79257a2ea5cfe2b71569a", "key": "cpe"}, {"hash": "635d7f080910dc81e99c0ca9b0d4203f", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2b98a60ec1bb8b51dfc87937ac4bd0c7", "key": "href"}, {"hash": "f03f33fb28be090b6061880fc36c9d5a", "key": "references"}, {"hash": "0b16638a7964db19eaaf438961f6bd33", "key": "published"}, {"hash": "9a00910eeedb8c835c4637a953896665", "key": "modified"}, {"hash": "460b26a6d56884823b065e3e51dc01e8", "key": "description"}, {"hash": "9d349758291c2a3a7210e7bad301f83f", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "17bac96be7e0b796bd5c3071a7c2bebb", "key": "pluginID"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "a7910d52faa0403a56574f792ca06323", "key": "title"}, {"hash": "7fe401da8448cfbf368bd342c1cf9966", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=71916", "id": "FEDORA_2014-0136.NASL", "lastseen": "2017-10-29T13:43:03", "modified": "2015-10-19T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "71916", "published": "2014-01-13T00:00:00", "references": ["http://www.nessus.org/u?085b9529", "https://bugzilla.redhat.com/show_bug.cgi?id=1047867"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-0136.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71916);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:06:07 $\");\n\n script_cve_id(\"CVE-2013-6480\");\n script_xref(name:\"FEDORA\", value:\"2014-0136\");\n\n script_name(english:\"Fedora 19 : python-libcloud-0.13.3-1.fc19 (2014-0136)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1047867\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126386.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?085b9529\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-libcloud package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-libcloud\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"python-libcloud-0.13.3-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-libcloud\");\n}\n", "title": "Fedora 19 : python-libcloud-0.13.3-1.fc19 (2014-0136)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-10-29T13:43:03"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:python-libcloud"], "cvelist": ["CVE-2013-6480"], "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 5, "enchantments": {"dependencies": {"modified": "2019-01-16T20:17:48", "references": [{"idList": ["CVE-2013-6480"], "type": "cve"}, {"idList": ["SSV:61272"], "type": "seebug"}, {"idList": ["EDB-ID:38937"], "type": "exploitdb"}, {"idList": ["OPENVAS:1361412562310867335", "OPENVAS:867234", "OPENVAS:867335", "OPENVAS:867228", "OPENVAS:1361412562310867228", "OPENVAS:1361412562310867234"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:13477", "SECURITYVULNS:DOC:30154"], "type": "securityvulns"}, {"idList": ["OPENSUSE-2014-112.NASL", "FEDORA_2014-0159.NASL", "FEDORA_2014-0129.NASL"], "type": "nessus"}]}, "score": {"value": 2.1, "vector": "NONE"}}, "hash": "b776ee9bcd99688d82afac9fa3a160d8aa3395f555a2edf6816afc5559723da6", "hashmap": [{"hash": "8eaaf28e1cf79257a2ea5cfe2b71569a", "key": "cpe"}, {"hash": "ddad3528266402f49d7929c5cb93505d", "key": "description"}, {"hash": "635d7f080910dc81e99c0ca9b0d4203f", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2b98a60ec1bb8b51dfc87937ac4bd0c7", "key": "href"}, {"hash": "f03f33fb28be090b6061880fc36c9d5a", "key": "references"}, {"hash": "0b16638a7964db19eaaf438961f6bd33", "key": "published"}, {"hash": "9a00910eeedb8c835c4637a953896665", "key": "modified"}, {"hash": "9d349758291c2a3a7210e7bad301f83f", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "17bac96be7e0b796bd5c3071a7c2bebb", "key": "pluginID"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "a7910d52faa0403a56574f792ca06323", "key": "title"}, {"hash": "7fe401da8448cfbf368bd342c1cf9966", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=71916", "id": "FEDORA_2014-0136.NASL", "lastseen": "2019-01-16T20:17:48", "modified": "2015-10-19T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "71916", "published": "2014-01-13T00:00:00", "references": ["http://www.nessus.org/u?085b9529", "https://bugzilla.redhat.com/show_bug.cgi?id=1047867"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-0136.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71916);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:06:07 $\");\n\n script_cve_id(\"CVE-2013-6480\");\n script_xref(name:\"FEDORA\", value:\"2014-0136\");\n\n script_name(english:\"Fedora 19 : python-libcloud-0.13.3-1.fc19 (2014-0136)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1047867\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126386.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?085b9529\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-libcloud package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-libcloud\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"python-libcloud-0.13.3-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-libcloud\");\n}\n", "title": "Fedora 19 : python-libcloud-0.13.3-1.fc19 (2014-0136)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 5, "lastseen": "2019-01-16T20:17:48"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:python-libcloud"], "cvelist": ["CVE-2013-6480"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "7187e537c0f2b99aa6ba3f9fe1aec78d687d502255ca7f892ac5f2cb494ad5a1", "hashmap": [{"hash": "8eaaf28e1cf79257a2ea5cfe2b71569a", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2b98a60ec1bb8b51dfc87937ac4bd0c7", "key": "href"}, {"hash": "f03f33fb28be090b6061880fc36c9d5a", "key": "references"}, {"hash": "0b16638a7964db19eaaf438961f6bd33", "key": "published"}, {"hash": "9a00910eeedb8c835c4637a953896665", "key": "modified"}, {"hash": "460b26a6d56884823b065e3e51dc01e8", "key": "description"}, {"hash": "9d349758291c2a3a7210e7bad301f83f", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "17bac96be7e0b796bd5c3071a7c2bebb", "key": "pluginID"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "a7910d52faa0403a56574f792ca06323", "key": "title"}, {"hash": "7fe401da8448cfbf368bd342c1cf9966", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=71916", "id": "FEDORA_2014-0136.NASL", "lastseen": "2018-08-30T19:52:43", "modified": "2015-10-19T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "71916", "published": "2014-01-13T00:00:00", "references": ["http://www.nessus.org/u?085b9529", "https://bugzilla.redhat.com/show_bug.cgi?id=1047867"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-0136.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71916);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:06:07 $\");\n\n script_cve_id(\"CVE-2013-6480\");\n script_xref(name:\"FEDORA\", value:\"2014-0136\");\n\n script_name(english:\"Fedora 19 : python-libcloud-0.13.3-1.fc19 (2014-0136)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1047867\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126386.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?085b9529\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-libcloud package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-libcloud\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"python-libcloud-0.13.3-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-libcloud\");\n}\n", "title": "Fedora 19 : python-libcloud-0.13.3-1.fc19 (2014-0136)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:52:43"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:python-libcloud"], "cvelist": ["CVE-2013-6480"], "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "eb0b5c9773800466161205da76347ba7235c4c91e19d6ca36d704fc9c4fece46", "hashmap": [{"hash": "8eaaf28e1cf79257a2ea5cfe2b71569a", "key": "cpe"}, {"hash": "635d7f080910dc81e99c0ca9b0d4203f", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2b98a60ec1bb8b51dfc87937ac4bd0c7", "key": "href"}, {"hash": "f03f33fb28be090b6061880fc36c9d5a", "key": "references"}, {"hash": "0b16638a7964db19eaaf438961f6bd33", "key": "published"}, {"hash": "9a00910eeedb8c835c4637a953896665", "key": "modified"}, {"hash": "460b26a6d56884823b065e3e51dc01e8", "key": "description"}, {"hash": "9d349758291c2a3a7210e7bad301f83f", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "17bac96be7e0b796bd5c3071a7c2bebb", "key": "pluginID"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "a7910d52faa0403a56574f792ca06323", "key": "title"}, {"hash": "7fe401da8448cfbf368bd342c1cf9966", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=71916", "id": "FEDORA_2014-0136.NASL", "lastseen": "2018-09-02T00:02:02", "modified": "2015-10-19T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "71916", "published": "2014-01-13T00:00:00", "references": ["http://www.nessus.org/u?085b9529", "https://bugzilla.redhat.com/show_bug.cgi?id=1047867"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-0136.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71916);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:06:07 $\");\n\n script_cve_id(\"CVE-2013-6480\");\n script_xref(name:\"FEDORA\", value:\"2014-0136\");\n\n script_name(english:\"Fedora 19 : python-libcloud-0.13.3-1.fc19 (2014-0136)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1047867\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126386.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?085b9529\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-libcloud package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-libcloud\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"python-libcloud-0.13.3-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-libcloud\");\n}\n", "title": "Fedora 19 : python-libcloud-0.13.3-1.fc19 (2014-0136)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 4, "lastseen": "2018-09-02T00:02:02"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2013-6480"], "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "enchantments": {}, "hash": "bbdee246c1fcd39d59ea8adb28d9246cd4886f949814dbad00892f771408aca7", "hashmap": [{"hash": "635d7f080910dc81e99c0ca9b0d4203f", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2b98a60ec1bb8b51dfc87937ac4bd0c7", "key": "href"}, {"hash": "f03f33fb28be090b6061880fc36c9d5a", "key": "references"}, {"hash": "0b16638a7964db19eaaf438961f6bd33", "key": "published"}, {"hash": "9a00910eeedb8c835c4637a953896665", "key": "modified"}, {"hash": "460b26a6d56884823b065e3e51dc01e8", "key": "description"}, {"hash": "9d349758291c2a3a7210e7bad301f83f", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "17bac96be7e0b796bd5c3071a7c2bebb", "key": "pluginID"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "a7910d52faa0403a56574f792ca06323", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "7fe401da8448cfbf368bd342c1cf9966", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=71916", "id": "FEDORA_2014-0136.NASL", "lastseen": "2016-09-26T17:25:57", "modified": "2015-10-19T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.2", "pluginID": "71916", "published": "2014-01-13T00:00:00", "references": ["http://www.nessus.org/u?085b9529", "https://bugzilla.redhat.com/show_bug.cgi?id=1047867"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-0136.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71916);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:06:07 $\");\n\n script_cve_id(\"CVE-2013-6480\");\n script_xref(name:\"FEDORA\", value:\"2014-0136\");\n\n script_name(english:\"Fedora 19 : python-libcloud-0.13.3-1.fc19 (2014-0136)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1047867\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126386.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?085b9529\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-libcloud package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-libcloud\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"python-libcloud-0.13.3-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-libcloud\");\n}\n", "title": "Fedora 19 : python-libcloud-0.13.3-1.fc19 (2014-0136)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:25:57"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "8eaaf28e1cf79257a2ea5cfe2b71569a"}, {"key": "cvelist", "hash": "9d349758291c2a3a7210e7bad301f83f"}, {"key": "cvss", "hash": "635d7f080910dc81e99c0ca9b0d4203f"}, {"key": "description", "hash": "460b26a6d56884823b065e3e51dc01e8"}, {"key": "href", "hash": "2b98a60ec1bb8b51dfc87937ac4bd0c7"}, {"key": "modified", "hash": "9a00910eeedb8c835c4637a953896665"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "17bac96be7e0b796bd5c3071a7c2bebb"}, {"key": "published", "hash": "0b16638a7964db19eaaf438961f6bd33"}, {"key": "references", "hash": "f03f33fb28be090b6061880fc36c9d5a"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "7fe401da8448cfbf368bd342c1cf9966"}, {"key": "title", "hash": "a7910d52faa0403a56574f792ca06323"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "eb0b5c9773800466161205da76347ba7235c4c91e19d6ca36d704fc9c4fece46", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-6480"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30154", "SECURITYVULNS:VULN:13477"]}, {"type": "exploitdb", "idList": ["EDB-ID:38937"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310867234", "OPENVAS:1361412562310867335", "OPENVAS:1361412562310867228", "OPENVAS:867335", "OPENVAS:867228", "OPENVAS:867234"]}, {"type": "seebug", "idList": ["SSV:61272"]}, {"type": "nessus", "idList": ["OPENSUSE-2014-112.NASL", "FEDORA_2014-0159.NASL", "FEDORA_2014-0129.NASL"]}], "modified": "2019-02-21T01:20:36"}, "score": {"value": 2.1, "vector": "NONE"}, "vulnersScore": 2.1}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-0136.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71916);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:06:07 $\");\n\n script_cve_id(\"CVE-2013-6480\");\n script_xref(name:\"FEDORA\", value:\"2014-0136\");\n\n script_name(english:\"Fedora 19 : python-libcloud-0.13.3-1.fc19 (2014-0136)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1047867\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126386.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?085b9529\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-libcloud package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-libcloud\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"python-libcloud-0.13.3-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-libcloud\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "71916", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:python-libcloud"], "scheme": null}

{"cve": [{"lastseen": "2018-10-10T11:05:01", "bulletinFamily": "NVD", "description": "Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM.", "modified": "2018-10-09T15:34:54", "published": "2014-01-07T13:55:07", "id": "CVE-2013-6480", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6480", "title": "CVE-2013-6480", "type": "cve", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:50", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n[CVE-2013-6480] Libcloud doesn&#39;t send scrub_data query parameter when\r\ndestroying a DigitalOcean node\r\n\r\nSeverity: Low\r\n\r\nVendor: Apache Software Foundation\r\n\r\nProject: Apache Libcloud &#40;http://libcloud.apache.org/&#41;\r\n\r\nAffected Versions: Apache Libcloud 0.12.3 to 0.13.3 &#40;version prior to\r\n0.12.3 don&#39;t include a DigitalOcean driver&#41;\r\n\r\nDescription:\r\n\r\nDigitalOcean recently changed the default API behavior from scrub to\r\nnon-scrub when destroying a VM.\r\n\r\nLibcloud doesn&#39;t explicitly send &quot;scrub_data&quot; query parameter when\r\ndestroying a node. This means nodes which are destroyed using Libcloud\r\nare vulnerable to later customers stealing data contained on them.\r\n\r\nNote: Only users who are using DigitalOcean driver are affected by this issue.\r\n\r\nReferences:\r\n\r\n- - http://libcloud.apache.org/security.html\r\n- - https://digitalocean.com/blog_posts/transparency-regarding-data-security\r\n- - https://github.com/fog/fog/issues/2525\r\n\r\nMitigation:\r\n\r\nThis vulnerability has been fixed in version 0.13.3. Users who use\r\nDigitalOcean driver are strongly encouraged to upgrade to this\r\nrelease.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 &#40;GNU/Linux&#41;\r\n\r\niQJ8BAEBCgBmBQJSxEgAXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w\r\nZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ5OTc4MjhEQzYyRjc1OUNFQTE4OUQ2NUUy\r\nQzA3NTRCMkNFMDY5MkYzAAoJECwHVLLOBpLzbRcQAJqSobMiGfjpBQCGhda8zW62\r\n6aPEjyuStv9FZ0/eLN6bxPCV8LdxOYy6M1oehr3ntT56Dd/lZ9+gwJunTH3UqWmq\r\nZqiwmME8JLhNTLC8tab+yE82lQlck2iXgTaJ5pZfXELFPiTEZ+DAQN26CpkA8bLO\r\ncXAlMJkskPS6BkkgLDtLfO9RHe8T0QsEcHxQSwCpursiIlQEfjG3tQqG21KEvSm6\r\nQ31qv87cZrG2pQPXEQ7Ir59E7Yos/7vEnG57wY/Xj94wKeKpHxnBUUL37BW+/tb1\r\nqP29zZUol628HxowsGCN7xJPlXrcc4wc37rWja/UTcBWZGUk4EKTX9xXVs1jKuPB\r\nlJqlGkEHglRcFI1AJLv9VkPBj77z6aEFu89bbJn8aZwAmPwnIBLZiJGp0LvqlVap\r\nRYgV8SdLb1D4GxTDJJN76PLghMJdo1mEUwLbinr8JGH/MXzTkTUwgMCv7ks8ww7Q\r\nhZp40rKDY+Su7VML6ONcnnvZTlAxCJM2lexD0svV8e3oXf/8lUzlnHCHQH8/TIrV\r\n6DV4mj7Yg+HiR9Tj8+AMAAmC5l88Byl/+sJjAEdWBTKjzwiey5ocDX5s/aL12o+9\r\nJX7vnFOWaGWf0pMeGuCl2gqtG+jFoEkr7BU7d0k7TvVFTQ0jTrrhVv9rbdIiJbK4\r\nHXvdPzy/CBQt0tUGc6UT\r\n=8Jgs\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2014-01-08T00:00:00", "published": "2014-01-08T00:00:00", "id": "SECURITYVULNS:DOC:30154", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30154", "title": "[CVE-2013-6480] Libcloud doesn&#39;t send scrub_data query parameter when destroying a DigitalOcean node", "type": "securityvulns", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:53", "bulletinFamily": "software", "description": "Parameter to scrub data after deletion does not acutally work.", "modified": "2014-01-08T00:00:00", "published": "2014-01-08T00:00:00", "id": "SECURITYVULNS:VULN:13477", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13477", "title": "Apache libcloud pritection bypass", "type": "securityvulns", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "seebug": [{"lastseen": "2017-11-19T17:36:28", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 64617\r\nCVE(CAN) ID: CVE-2013-6480\r\n\r\nlibcloud \u662f\u7528Python\u5f00\u53d1\u7684\u8bbf\u95ee\u4e91\u8ba1\u7b97\u670d\u52a1\u7684\u7edf\u4e00\u63a5\u53e3\u3002\r\n\r\nApache Libcloud 0.12.3-0.13.2\u7248\u672c\u9500\u6bc1DigitalOcean\u8282\u70b9\u65f6\uff0c\u6ca1\u6709\u53d1\u9001scrub_data query\u53c2\u6570\uff0c\u8fd9\u53ef\u4f7f\u672c\u5730\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\n0\nApache Group Libcloud 0.12.3 - 0.13.3\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApache Group\r\n------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://libcloud.apache.org/security.html \r\nhttps://digitalocean.com/blog_posts/transparency-regarding-data-security", "modified": "2014-01-03T00:00:00", "published": "2014-01-03T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61272", "id": "SSV:61272", "type": "seebug", "title": "Apache Libcloud Digital Ocean API\u672c\u5730\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e", "sourceData": "\n dd if=/dev/vda bs=1M | strings -n 100 &amp;amp;gt; out.txt\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-61272", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "openvas": [{"lastseen": "2017-07-25T10:48:20", "bulletinFamily": "scanner", "description": "Check for the Version of python-libcloud", "modified": "2017-07-10T00:00:00", "published": "2014-02-03T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=867335", "id": "OPENVAS:867335", "title": "Fedora Update for python-libcloud FEDORA-2014-0129", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-libcloud FEDORA-2014-0129\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867335);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-03 19:45:28 +0530 (Mon, 03 Feb 2014)\");\n script_cve_id(\"CVE-2013-6480\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for python-libcloud FEDORA-2014-0129\");\n\n tag_insight = \"libcloud is a client library for interacting with many of the popular cloud\nserver providers. It was created to make it easy for developers to build\nproducts that work between any of the services that it supports.\n\";\n\n tag_affected = \"python-libcloud on Fedora 20\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-0129\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126396.html\");\n script_summary(\"Check for the Version of python-libcloud\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-libcloud\", rpm:\"python-libcloud~0.13.3~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:48:22", "bulletinFamily": "scanner", "description": "Check for the Version of python-libcloud", "modified": "2017-07-10T00:00:00", "published": "2014-01-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=867228", "id": "OPENVAS:867228", "title": "Fedora Update for python-libcloud FEDORA-2014-0136", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-libcloud FEDORA-2014-0136\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867228);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-13 11:23:16 +0530 (Mon, 13 Jan 2014)\");\n script_cve_id(\"CVE-2013-6480\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for python-libcloud FEDORA-2014-0136\");\n\n tag_insight = \"libcloud is a client library for interacting with many of the popular cloud\nserver providers. It was created to make it easy for developers to build\nproducts that work between any of the services that it supports.\n\";\n\n tag_affected = \"python-libcloud on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-0136\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126386.html\");\n script_summary(\"Check for the Version of python-libcloud\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-libcloud\", rpm:\"python-libcloud~0.13.3~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-03-18T14:37:08", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-02-03T00:00:00", "id": "OPENVAS:1361412562310867335", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867335", "title": "Fedora Update for python-libcloud FEDORA-2014-0129", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-libcloud FEDORA-2014-0129\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867335\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-03 19:45:28 +0530 (Mon, 03 Feb 2014)\");\n script_cve_id(\"CVE-2013-6480\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for python-libcloud FEDORA-2014-0129\");\n script_tag(name:\"affected\", value:\"python-libcloud on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-0129\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126396.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-libcloud'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-libcloud\", rpm:\"python-libcloud~0.13.3~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-03-18T14:38:02", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-01-13T00:00:00", "id": "OPENVAS:1361412562310867228", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867228", "title": "Fedora Update for python-libcloud FEDORA-2014-0136", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-libcloud FEDORA-2014-0136\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867228\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-13 11:23:16 +0530 (Mon, 13 Jan 2014)\");\n script_cve_id(\"CVE-2013-6480\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for python-libcloud FEDORA-2014-0136\");\n script_tag(name:\"affected\", value:\"python-libcloud on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-0136\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126386.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-libcloud'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-libcloud\", rpm:\"python-libcloud~0.13.3~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-03-18T14:38:19", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-01-13T00:00:00", "id": "OPENVAS:1361412562310867234", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867234", "title": "Fedora Update for python-libcloud FEDORA-2014-0159", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-libcloud FEDORA-2014-0159\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867234\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-13 11:32:10 +0530 (Mon, 13 Jan 2014)\");\n script_cve_id(\"CVE-2013-6480\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for python-libcloud FEDORA-2014-0159\");\n script_tag(name:\"affected\", value:\"python-libcloud on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-0159\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126393.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-libcloud'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-libcloud\", rpm:\"python-libcloud~0.13.3~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:48:57", "bulletinFamily": "scanner", "description": "Check for the Version of python-libcloud", "modified": "2017-07-10T00:00:00", "published": "2014-01-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=867234", "id": "OPENVAS:867234", "title": "Fedora Update for python-libcloud FEDORA-2014-0159", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-libcloud FEDORA-2014-0159\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867234);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-13 11:32:10 +0530 (Mon, 13 Jan 2014)\");\n script_cve_id(\"CVE-2013-6480\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for python-libcloud FEDORA-2014-0159\");\n\n tag_insight = \"libcloud is a client library for interacting with many of the popular cloud\nserver providers. It was created to make it easy for developers to build\nproducts that work between any of the services that it supports.\n\";\n\n tag_affected = \"python-libcloud on Fedora 18\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-0159\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126393.html\");\n script_summary(\"Check for the Version of python-libcloud\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-libcloud\", rpm:\"python-libcloud~0.13.3~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2019-02-21T01:21:36", "bulletinFamily": "scanner", "description": "- Updated to 0.13.3 (bnc#857209, CVE-2013-6480)\n\n + Security fix release, for destroying nodes on digitalOcean 'data_scrub' method is always invoked\n\n - Require python-setuptools instead of distribute (upstreams merged)\n\n - Updated to 0.13.2\n\n - General :\n\n - Don't sent Content-Length: 0 header with POST and PUT request if 'raw' mode is used. This fixes a regression which could cause broken behavior in some storage driver when uploading a file from disk.\n\n - Compute :\n\n - Added Ubuntu Linux 12.04 image to ElasticHost driver image list. (LIBCLOUD-364)\n\n - Update ElasticHosts driver to store drive UUID in the node 'extra' field. (LIBCLOUD-357)\n\n - Storage :\n\n - Store last_modified timestamp in the Object extra dictionary in the S3 driver. (LIBCLOUD-373)\n\n - Load Balancer :\n\n - Expose CloudStack driver directly through the Provider.CLOUDSTACK constant.\n\n - DNS :\n\n - Modify Zerigo driver to include record TTL in the record 'extra' attribute if a record has a TTL set.\n\n - Modify values in the Record 'extra' dictionary attribute in the Zerigo DNS driver to be set to None instead of an empty string ('') if a value for the provided key is not set.", "modified": "2018-11-10T00:00:00", "id": "OPENSUSE-2014-112.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=75250", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : python-apache-libcloud (openSUSE-SU-2014:0198-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-112.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75250);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:50:01\");\n\n script_cve_id(\"CVE-2013-6480\");\n\n script_name(english:\"openSUSE Security Update : python-apache-libcloud (openSUSE-SU-2014:0198-1)\");\n script_summary(english:\"Check for the openSUSE-2014-112 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Updated to 0.13.3 (bnc#857209, CVE-2013-6480)\n\n + Security fix release, for destroying nodes on\n digitalOcean 'data_scrub' method is always invoked\n\n - Require python-setuptools instead of distribute\n (upstreams merged)\n\n - Updated to 0.13.2\n\n - General :\n\n - Don't sent Content-Length: 0 header with POST and PUT\n request if 'raw' mode is used. This fixes a regression\n which could cause broken behavior in some storage driver\n when uploading a file from disk.\n\n - Compute :\n\n - Added Ubuntu Linux 12.04 image to ElasticHost driver\n image list. (LIBCLOUD-364)\n\n - Update ElasticHosts driver to store drive UUID in the\n node 'extra' field. (LIBCLOUD-357)\n\n - Storage :\n\n - Store last_modified timestamp in the Object extra\n dictionary in the S3 driver. (LIBCLOUD-373)\n\n - Load Balancer :\n\n - Expose CloudStack driver directly through the\n Provider.CLOUDSTACK constant.\n\n - DNS :\n\n - Modify Zerigo driver to include record TTL in the record\n 'extra' attribute if a record has a TTL set.\n\n - Modify values in the Record 'extra' dictionary attribute\n in the Zerigo DNS driver to be set to None instead of an\n empty string ('') if a value for the provided key is not\n set.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=857209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-02/msg00015.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-apache-libcloud package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-apache-libcloud\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"python-apache-libcloud-0.13.3-2.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-apache-libcloud\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-02-21T01:20:36", "bulletinFamily": "scanner", "description": "Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-19T00:00:00", "id": "FEDORA_2014-0159.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=71917", "published": "2014-01-13T00:00:00", "title": "Fedora 18 : python-libcloud-0.13.3-1.fc18 (2014-0159)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-0159.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71917);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:06:07 $\");\n\n script_cve_id(\"CVE-2013-6480\");\n script_xref(name:\"FEDORA\", value:\"2014-0159\");\n\n script_name(english:\"Fedora 18 : python-libcloud-0.13.3-1.fc18 (2014-0159)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1047867\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126393.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?87df9356\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-libcloud package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-libcloud\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"python-libcloud-0.13.3-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-libcloud\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-02-21T01:20:36", "bulletinFamily": "scanner", "description": "Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-19T00:00:00", "id": "FEDORA_2014-0129.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=71915", "published": "2014-01-13T00:00:00", "title": "Fedora 20 : python-libcloud-0.13.3-1.fc20 (2014-0129)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-0129.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71915);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:06:07 $\");\n\n script_cve_id(\"CVE-2013-6480\");\n script_xref(name:\"FEDORA\", value:\"2014-0129\");\n\n script_name(english:\"Fedora 20 : python-libcloud-0.13.3-1.fc20 (2014-0129)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix - BUG: 1047867 1047868\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1047867\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126396.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b77439fc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-libcloud package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-libcloud\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"python-libcloud-0.13.3-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-libcloud\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "exploitdb": [{"lastseen": "2016-02-04T09:09:47", "bulletinFamily": "exploit", "description": "Apache Libcloud Digital Ocean API Local Information Disclosure Vulnerability. CVE-2013-6480. Local exploit for linux platform", "modified": "2014-01-01T00:00:00", "published": "2014-01-01T00:00:00", "id": "EDB-ID:38937", "href": "https://www.exploit-db.com/exploits/38937/", "type": "exploitdb", "title": "Apache Libcloud Digital Ocean API Local Information Disclosure Vulnerability", "sourceData": "source: http://www.securityfocus.com/bid/64617/info\r\n\r\nApache Libcloud is prone to a local information-disclosure vulnerability.\r\n\r\nLocal attackers can exploit this issue to obtain sensitive information. Information obtained may lead to further attacks.\r\n\r\nApache Libcloud versions 0.12.3 through 0.13.2 are vulnerable. \r\n\r\ndd if=/dev/vda bs=1M | strings -n 100 > out.txt ", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/38937/"}]}