ID FEDORA_2017-BA1399832B.NASL Type nessus Reporter Tenable Modified 2018-02-02T00:00:00
Description
CVE-2017-1000381: c-ares NAPTR parser out of bounds access
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2017-ba1399832b.
#
include("compat.inc");
if (description)
{
script_id(101096);
script_version("$Revision: 3.3 $");
script_cvs_date("$Date: 2018/02/02 14:59:05 $");
script_cve_id("CVE-2017-1000381");
script_xref(name:"FEDORA", value:"2017-ba1399832b");
script_name(english:"Fedora 25 : c-ares (2017-ba1399832b)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
" - CVE-2017-1000381: c-ares NAPTR parser out of bounds
access
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba1399832b"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected c-ares package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:c-ares");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:25");
script_set_attribute(attribute:"patch_publication_date", value:"2017/06/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/06/29");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^25([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 25", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC25", reference:"c-ares-1.13.0-1.fc25")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "c-ares");
}
{"id": "FEDORA_2017-BA1399832B.NASL", "bulletinFamily": "scanner", "title": "Fedora 25 : c-ares (2017-ba1399832b)", "description": "- CVE-2017-1000381: c-ares NAPTR parser out of bounds access\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2017-06-29T00:00:00", "modified": "2018-02-02T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=101096", "reporter": "Tenable", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba1399832b"], "cvelist": ["CVE-2017-1000381"], "type": "nessus", "lastseen": "2018-02-04T11:05:56", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2017-1000381"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "- CVE-2017-1000381: c-ares NAPTR parser out of bounds access\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "enchantments": {}, "hash": "a3d53d48cf2542ea792eb0443f741c07ac0255830b6258c13c912cf09c8076c3", "hashmap": [{"hash": "9f0366b8c6d9483749c1564d0d4aff4f", "key": "sourceData"}, {"hash": "9ad6988e26c615e09048f1a7a54e5991", "key": "published"}, {"hash": "0dcb5fe3adf11fb0c544b561d9c41659", "key": "modified"}, {"hash": "e1e6c6ef9bd691161e7cc16e3b7c25ce", "key": "references"}, {"hash": "7284d02a716c71edb60cb4cf897fbaa3", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "eeb446e4e5ee37425467986b5b5aa575", "key": "description"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "b5652fbeb77e217b07b954ac21a6c22f", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "2bbcd82e0e763b7899e612b2192dab6e", "key": "cvelist"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "a085be79281d65addf48488549ddb1f3", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=101096", "id": "FEDORA_2017-BA1399832B.NASL", "lastseen": "2017-07-19T01:47:58", "modified": "2017-07-18T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "101096", "published": "2017-06-29T00:00:00", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba1399832b"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-ba1399832b.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101096);\n script_version(\"$Revision: 3.2 $\");\n script_cvs_date(\"$Date: 2017/07/18 14:34:21 $\");\n\n script_cve_id(\"CVE-2017-1000381\");\n script_xref(name:\"FEDORA\", value:\"2017-ba1399832b\");\n\n script_name(english:\"Fedora 25 : c-ares (2017-ba1399832b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - CVE-2017-1000381: c-ares NAPTR parser out of bounds\n access\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba1399832b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected c-ares package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:c-ares\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"c-ares-1.13.0-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"c-ares\");\n}\n", "title": "Fedora 25 : c-ares (2017-ba1399832b)", "type": "nessus", "viewCount": 3}, "differentElements": ["cpe"], "edition": 3, "lastseen": "2017-07-19T01:47:58"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:25", "p-cpe:/a:fedoraproject:fedora:c-ares"], "cvelist": ["CVE-2017-1000381"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "- CVE-2017-1000381: c-ares NAPTR parser out of bounds access\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "enchantments": {"score": {"modified": "2017-10-29T13:40:19", "value": 5.0}}, "hash": "69477ef1530d75b4d293f1da19ea9029d16f4b4a56d68af6208f7fc40ec6786c", "hashmap": [{"hash": "9f0366b8c6d9483749c1564d0d4aff4f", "key": "sourceData"}, {"hash": "cf42991d9ad17eccaf703300360fb09f", "key": "cpe"}, {"hash": "9ad6988e26c615e09048f1a7a54e5991", "key": "published"}, {"hash": "0dcb5fe3adf11fb0c544b561d9c41659", "key": "modified"}, {"hash": "e1e6c6ef9bd691161e7cc16e3b7c25ce", "key": "references"}, {"hash": "7284d02a716c71edb60cb4cf897fbaa3", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "eeb446e4e5ee37425467986b5b5aa575", "key": "description"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "b5652fbeb77e217b07b954ac21a6c22f", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "2bbcd82e0e763b7899e612b2192dab6e", "key": "cvelist"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "a085be79281d65addf48488549ddb1f3", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=101096", "id": "FEDORA_2017-BA1399832B.NASL", "lastseen": "2017-10-29T13:40:19", "modified": "2017-07-18T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "101096", "published": "2017-06-29T00:00:00", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba1399832b"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-ba1399832b.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101096);\n script_version(\"$Revision: 3.2 $\");\n script_cvs_date(\"$Date: 2017/07/18 14:34:21 $\");\n\n script_cve_id(\"CVE-2017-1000381\");\n script_xref(name:\"FEDORA\", value:\"2017-ba1399832b\");\n\n script_name(english:\"Fedora 25 : c-ares (2017-ba1399832b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - CVE-2017-1000381: c-ares NAPTR parser out of bounds\n access\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba1399832b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected c-ares package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:c-ares\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"c-ares-1.13.0-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"c-ares\");\n}\n", "title": "Fedora 25 : c-ares (2017-ba1399832b)", "type": "nessus", "viewCount": 3}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2017-10-29T13:40:19"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000381"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "- CVE-2017-1000381: c-ares NAPTR parser out of bounds access\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "enchantments": {}, "hash": "ac9430bbec8c23f7855c015f2d410b13369a72432f60670c3c307939cb86753b", "hashmap": [{"hash": "9ad6988e26c615e09048f1a7a54e5991", "key": "published"}, {"hash": "e1e6c6ef9bd691161e7cc16e3b7c25ce", "key": "references"}, {"hash": "7284d02a716c71edb60cb4cf897fbaa3", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2ee49776877e2754b9fbf16ab45afca8", "key": "sourceData"}, {"hash": "9ad6988e26c615e09048f1a7a54e5991", "key": "modified"}, {"hash": "eeb446e4e5ee37425467986b5b5aa575", "key": "description"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "b5652fbeb77e217b07b954ac21a6c22f", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "2bbcd82e0e763b7899e612b2192dab6e", "key": "cvelist"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "a085be79281d65addf48488549ddb1f3", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=101096", "id": "FEDORA_2017-BA1399832B.NASL", "lastseen": "2017-07-18T11:47:50", "modified": "2017-06-29T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "101096", "published": "2017-06-29T00:00:00", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba1399832b"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-ba1399832b.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101096);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/06/29 13:25:18 $\");\n\n script_cve_id(\"CVE-2017-1000381\");\n script_xref(name:\"FEDORA\", value:\"2017-ba1399832b\");\n\n script_name(english:\"Fedora 25 : c-ares (2017-ba1399832b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - CVE-2017-1000381: c-ares NAPTR parser out of bounds\n access\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba1399832b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected c-ares package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:c-ares\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"c-ares-1.13.0-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"c-ares\");\n}\n", "title": "Fedora 25 : c-ares (2017-ba1399832b)", "type": "nessus", "viewCount": 3}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-07-18T11:47:50"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000381"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "- CVE-2017-1000381: c-ares NAPTR parser out of bounds access\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "enchantments": {}, "hash": "ba748c3ce831d494be046848fb1181c4442f1caf6b9efb8bb42ac03c0e1f25b9", "hashmap": [{"hash": "9ad6988e26c615e09048f1a7a54e5991", "key": "published"}, {"hash": "e1e6c6ef9bd691161e7cc16e3b7c25ce", "key": "references"}, {"hash": "7284d02a716c71edb60cb4cf897fbaa3", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2ee49776877e2754b9fbf16ab45afca8", "key": "sourceData"}, {"hash": "9ad6988e26c615e09048f1a7a54e5991", "key": "modified"}, {"hash": "eeb446e4e5ee37425467986b5b5aa575", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "b5652fbeb77e217b07b954ac21a6c22f", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "2bbcd82e0e763b7899e612b2192dab6e", "key": "cvelist"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "a085be79281d65addf48488549ddb1f3", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=101096", "id": "FEDORA_2017-BA1399832B.NASL", "lastseen": "2017-06-30T03:46:52", "modified": "2017-06-29T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "101096", "published": "2017-06-29T00:00:00", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba1399832b"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-ba1399832b.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101096);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/06/29 13:25:18 $\");\n\n script_cve_id(\"CVE-2017-1000381\");\n script_xref(name:\"FEDORA\", value:\"2017-ba1399832b\");\n\n script_name(english:\"Fedora 25 : c-ares (2017-ba1399832b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - CVE-2017-1000381: c-ares NAPTR parser out of bounds\n access\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba1399832b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected c-ares package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:c-ares\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"c-ares-1.13.0-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"c-ares\");\n}\n", "title": "Fedora 25 : c-ares (2017-ba1399832b)", "type": "nessus", "viewCount": 3}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2017-06-30T03:46:52"}], "edition": 5, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "cf42991d9ad17eccaf703300360fb09f"}, {"key": "cvelist", "hash": "2bbcd82e0e763b7899e612b2192dab6e"}, {"key": "cvss", "hash": "a792e2393dff1e200b885c5245988f6f"}, {"key": "description", "hash": "eeb446e4e5ee37425467986b5b5aa575"}, {"key": "href", "hash": "7284d02a716c71edb60cb4cf897fbaa3"}, {"key": "modified", "hash": "e5ea4e133fdd22d0dad25dd00662de7f"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "a085be79281d65addf48488549ddb1f3"}, {"key": "published", "hash": "9ad6988e26c615e09048f1a7a54e5991"}, {"key": "references", "hash": "e1e6c6ef9bd691161e7cc16e3b7c25ce"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "0ee89d96e9f9bd6d0aed4e0210358c9b"}, {"key": "title", "hash": "b5652fbeb77e217b07b954ac21a6c22f"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "311a57bd07402e148e0a05aa90957ca854da65d5f90271b0cce88358d13c7b50", "viewCount": 3, "enchantments": {"vulnersScore": 2.1}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-ba1399832b.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101096);\n script_version(\"$Revision: 3.3 $\");\n script_cvs_date(\"$Date: 2018/02/02 14:59:05 $\");\n\n script_cve_id(\"CVE-2017-1000381\");\n script_xref(name:\"FEDORA\", value:\"2017-ba1399832b\");\n\n script_name(english:\"Fedora 25 : c-ares (2017-ba1399832b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - CVE-2017-1000381: c-ares NAPTR parser out of bounds\n access\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba1399832b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected c-ares package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:c-ares\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"c-ares-1.13.0-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"c-ares\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "101096", "cpe": ["cpe:/o:fedoraproject:fedora:25", "p-cpe:/a:fedoraproject:fedora:c-ares"]}
{"result": {"cve": [{"id": "CVE-2017-1000381", "type": "cve", "title": "CVE-2017-1000381", "description": "The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way.", "published": "2017-07-07T13:29:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1000381", "cvelist": ["CVE-2017-1000381"], "lastseen": "2017-07-18T10:49:38"}], "openvas": [{"id": "OPENVAS:1361412562310890998", "type": "openvas", "title": "Debian LTS Advisory ([SECURITY] [DLA 998-1] c-ares security update)", "description": "CVE-2017-1000381\nThe c-ares function ares_parse_naptr_reply(), which is used for\nparsing NAPTR responses, could be triggered to read memory\noutside of the given input buffer if the passed in DNS response\npacket was crafted in a particular way.", "published": "2018-01-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310890998", "cvelist": ["CVE-2017-1000381"], "lastseen": "2018-03-29T18:48:07"}, {"id": "OPENVAS:1361412562310873207", "type": "openvas", "title": "Fedora Update for mingw-c-ares FEDORA-2017-05254795cf", "description": "Check the version of mingw-c-ares", "published": "2017-08-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873207", "cvelist": ["CVE-2017-1000381"], "lastseen": "2017-08-21T11:27:17"}, {"id": "OPENVAS:1361412562310872913", "type": "openvas", "title": "Fedora Update for nodejs FEDORA-2017-aa44293a53", "description": "Check the version of nodejs", "published": "2017-07-25T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872913", "cvelist": ["CVE-2017-1000381"], "lastseen": "2017-08-15T11:27:51"}, {"id": "OPENVAS:1361412562310872795", "type": "openvas", "title": "Fedora Update for c-ares FEDORA-2017-ba1399832b", "description": "Check the version of c-ares", "published": "2017-06-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872795", "cvelist": ["CVE-2017-1000381"], "lastseen": "2017-08-07T10:57:40"}, {"id": "OPENVAS:1361412562310843289", "type": "openvas", "title": "Ubuntu Update for c-ares USN-3395-1", "description": "Check the version of c-ares", "published": "2017-08-18T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843289", "cvelist": ["CVE-2017-1000381"], "lastseen": "2017-09-04T14:22:24"}, {"id": "OPENVAS:1361412562310872888", "type": "openvas", "title": "Fedora Update for c-ares FEDORA-2017-4932c9b886", "description": "Check the version of c-ares", "published": "2017-07-21T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872888", "cvelist": ["CVE-2017-1000381"], "lastseen": "2017-08-10T11:36:50"}, {"id": "OPENVAS:1361412562310872916", "type": "openvas", "title": "Fedora Update for nodejs FEDORA-2017-81522ac6d8", "description": "Check the version of nodejs", "published": "2017-07-25T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872916", "cvelist": ["CVE-2017-1000381"], "lastseen": "2017-08-15T11:27:25"}, {"id": "OPENVAS:1361412562310873120", "type": "openvas", "title": "Fedora Update for nodejs FEDORA-2017-7c1621d2e8", "description": "Check the version of nodejs", "published": "2017-08-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873120", "cvelist": ["CVE-2017-1000381"], "lastseen": "2017-08-21T11:27:48"}, {"id": "OPENVAS:1361412562310873205", "type": "openvas", "title": "Fedora Update for mingw-c-ares FEDORA-2017-7c9a5b4791", "description": "Check the version of mingw-c-ares", "published": "2017-08-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873205", "cvelist": ["CVE-2017-1000381"], "lastseen": "2017-08-21T11:27:48"}], "nessus": [{"id": "FEDORA_2017-AA44293A53.NASL", "type": "nessus", "title": "Fedora 24 : 1:nodejs (2017-aa44293a53)", "description": "[Security update](https://nodejs.org/en/blog/vulnerability/july-2017-security-re leases/)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2017-07-27T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=102005", "cvelist": ["CVE-2017-1000381"], "lastseen": "2018-02-04T11:06:37"}, {"id": "SUSE_SU-2017-1792-1.NASL", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : libcares2 (SUSE-SU-2017:1792-1)", "description": "This update for libcares2 fixes the following issues :\n\n - CVE-2017-1000381: A NAPTR parser out of bounds access was fixed that could lead to crashes. (bsc#1044946)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2017-07-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=101290", "cvelist": ["CVE-2017-1000381"], "lastseen": "2018-02-01T03:02:44"}, {"id": "FEDORA_2017-6DC3FD198D.NASL", "type": "nessus", "title": "Fedora 26 : c-ares (2017-6dc3fd198d)", "description": "- CVE-2017-1000381: c-ares NAPTR parser out of bounds access\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2017-07-17T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=101653", "cvelist": ["CVE-2017-1000381"], "lastseen": "2018-02-02T05:26:52"}, {"id": "FEDORA_2017-7C1621D2E8.NASL", "type": "nessus", "title": "Fedora 26 : 1:nodejs (2017-7c1621d2e8)", "description": "[Security update](https://nodejs.org/en/blog/vulnerability/july-2017-security-re leases/)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2017-07-24T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=101918", "cvelist": ["CVE-2017-1000381"], "lastseen": "2018-02-04T11:04:42"}, {"id": "UBUNTU_USN-3395-1.NASL", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : c-ares vulnerability (USN-3395-1)", "description": "It was discovered that c-ares incorrectly handled certain NAPTR responses. A remote attacker could possibly use this issue to cause applications using c-ares to crash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2017-08-18T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=102583", "cvelist": ["CVE-2017-1000381"], "lastseen": "2018-01-31T07:01:38"}, {"id": "DEBIAN_DLA-998.NASL", "type": "nessus", "title": "Debian DLA-998-1 : c-ares security update", "description": "CVE-2017-1000381 The c-ares function ares_parse_naptr_reply(), which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 1.9.1-3+deb7u2.\n\nWe recommend that you upgrade your c-ares packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2017-06-23T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=101006", "cvelist": ["CVE-2017-1000381"], "lastseen": "2018-01-30T01:02:53"}, {"id": "FEDORA_2017-05254795CF.NASL", "type": "nessus", "title": "Fedora 25 : mingw-c-ares (2017-05254795cf)", "description": "New version, security fix for CVE-2017-1000381.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2017-08-02T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=102098", "cvelist": ["CVE-2017-1000381"], "lastseen": "2018-02-02T01:18:41"}, {"id": "FEDORA_2017-81522AC6D8.NASL", "type": "nessus", "title": "Fedora 25 : 1:nodejs (2017-81522ac6d8)", "description": "[Security update](https://nodejs.org/en/blog/vulnerability/july-2017-security-re leases/)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2017-07-27T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=102001", "cvelist": ["CVE-2017-1000381"], "lastseen": "2018-02-04T11:14:06"}, {"id": "OPENSUSE-2017-810.NASL", "type": "nessus", "title": "openSUSE Security Update : libcares2 (openSUSE-2017-810)", "description": "This update for libcares2 fixes the following issues :\n\n - CVE-2017-1000381: A NAPTR parser out of bounds access was fixed that could lead to crashes. (bsc#1044946)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "published": "2017-07-14T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=101543", "cvelist": ["CVE-2017-1000381"], "lastseen": "2018-01-27T03:02:27"}, {"id": "FEDORA_2017-7C9A5B4791.NASL", "type": "nessus", "title": "Fedora 26 : mingw-c-ares (2017-7c9a5b4791)", "description": "New version, security fix for CVE-2017-1000381.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2017-08-02T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=102100", "cvelist": ["CVE-2017-1000381"], "lastseen": "2018-02-04T10:55:00"}], "cloudfoundry": [{"id": "CFOUNDRY:1A6B8C06D363B7B848EFE6CFA40BA31D", "type": "cloudfoundry", "title": "Multiple Node.js Vulnerabilities - Cloud Foundry", "description": "# \n\n# Severity\n\nHigh\n\n# Vendor\n\nNode.js\n\n# Versions Affected\n\n * Node.js: \n * 4.x versions prior to 4.8.4\n * 6.x versions prior to 6.11.1\n * 7.x versions prior to 7.10.1\n * 8.x versions prior to 8.1.4\n\n# Description\n\nAll current versions of v4.x through to v8.x inclusive are vulnerable to an issue that can be used by an external attacker to cause a denial of service. The severity of this vulnerability is high and users of the affected versions should plan to upgrade. [1]\n\nThe releases for the affected Node.js release lines have been updated to include the patches need to address the following issues in Node.js dependencies. These are all considered to be low severity for Node.js due to the limited impact or likelihood of exploit in the Node.js environment.\n\n**CVE-2017-1000381 \u2013 c-ares NAPTR parser out of bounds access**\n\nA security vulnerability has been discovered in the c-ares library that is bundled with all versions of Node.js. Parsing of NAPTR responses could be triggered to read memory outside of the given input buffer through carefully crafted DNS reponse packets. The patch recommended in [CVE-2017-1000381](<https://c-ares.haxx.se/adv_20170620.html>) has been added to the version of c-ares in Node.js in these releases.\n\nThis is a low severity defect and affects all active release lines (4.x, 6.x and 8.x) as well as the 7.x line.\n\n# Affected Cloud Foundry Products and Versions\n\n * Node.js buildpack versions prior to v1.6.3\n * Ruby buildpack versions prior to v1.6.44\n * .NET Core buildpack versions prior to v1.0.22\n\n# Mitigation\n\nUsers are strongly encouraged to follow one of the mitigations below:\n\n * Upgrade to Cloud Foundry version 269 or later [2] OR\n * Upgrade the individual buildpacks to the following versions and restage all applications that use automated buildpack detection: \n * Node.js buildpack v1.6.3 [3]\n * Ruby buildpack v1.6.44 [4]\n * .NET Core buildpack v1.0.22 [5]\n * Please Note: as of July 20, cf-release v269 has not yet been finalized. Cf-release v268 contains the updated buildpacks except for the Node.js buildpack.\n\n# References\n\n * [1] <https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/>\n * [2] <https://github.com/cloudfoundry/cf-release/releases>\n * [3] <https://github.com/cloudfoundry/nodejs-buildpack/releases>\n * [4] <https://github.com/cloudfoundry/ruby-buildpack/releases>\n * [5] <https://github.com/cloudfoundry/dotnet-core-buildpack/releases>\n", "published": "2017-07-20T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.cloudfoundry.org/blog/2017-07-11-nodejs/", "cvelist": ["CVE-2017-1000381"], "lastseen": "2018-01-12T14:53:00"}], "amazon": [{"id": "ALAS-2017-859", "type": "amazon", "title": "Medium: c-ares", "description": "**Issue Overview:**\n\nThe c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. ( [CVE-2017-1000381 __](<https://access.redhat.com/security/cve/CVE-2017-1000381>) )\n\n \n**Affected Packages:** \n\n\nc-ares\n\n \n**Issue Correction:** \nRun _yum update c-ares_ to update your system. \n\n\n \n**New Packages:**\n \n \n i686: \n c-ares-devel-1.13.0-1.5.amzn1.i686 \n c-ares-debuginfo-1.13.0-1.5.amzn1.i686 \n c-ares-1.13.0-1.5.amzn1.i686 \n \n src: \n c-ares-1.13.0-1.5.amzn1.src \n \n x86_64: \n c-ares-devel-1.13.0-1.5.amzn1.x86_64 \n c-ares-1.13.0-1.5.amzn1.x86_64 \n c-ares-debuginfo-1.13.0-1.5.amzn1.x86_64 \n \n \n", "published": "2017-07-20T01:22:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://alas.aws.amazon.com/ALAS-2017-859.html", "cvelist": ["CVE-2017-1000381"], "lastseen": "2017-07-25T04:16:18"}], "ubuntu": [{"id": "USN-3395-1", "type": "ubuntu", "title": "c-ares vulnerability", "description": "It was discovered that c-ares incorrectly handled certain NAPTR responses. A remote attacker could possibly use this issue to cause applications using c-ares to crash, resulting in a denial of service.", "published": "2017-08-17T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/3395-1/", "cvelist": ["CVE-2017-1000381"], "lastseen": "2018-03-29T18:18:32"}]}}