{"id": "FREEBSD_PKG_549A277149CC11E4AE2CC80AA9043978.NASL", "bulletinFamily": "scanner", "title": "FreeBSD : jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS (549a2771-49cc-11e4-ae2c-c80aa9043978)", "description": "Jenkins Security Advisory :\n\nPlease reference CVE/URL list for details", "published": "2014-10-02T00:00:00", "modified": "2014-10-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/78017", "reporter": "This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://www.tenable.com/security/research/tra-2016-23", "http://www.nessus.org/u?73da41b2", "http://www.nessus.org/u?1236c16f"], "cvelist": ["CVE-2014-3666", "CVE-2014-3680", "CVE-2014-3667", "CVE-2014-1869", "CVE-2014-3661", "CVE-2014-3678", "CVE-2014-3681", "CVE-2014-3679", "CVE-2013-2186", "CVE-2014-3663", "CVE-2014-3664", "CVE-2014-3662"], "type": "nessus", "lastseen": "2021-01-07T10:43:31", "edition": 21, "viewCount": 16, "enchantments": {"dependencies": {"references": [{"type": "archlinux", "idList": ["ASA-201410-2"]}, {"type": "freebsd", "idList": ["549A2771-49CC-11E4-AE2C-C80AA9043978"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2013-1428.NASL", "OPENSUSE-2013-786.NASL", "SUSE_11_JAKARTA-COMMONS-FILEUPLOAD-131017.NASL", "DEBIAN_DSA-2827.NASL", "UBUNTU_USN-2029-1.NASL", "JENKINS_1_583.NASL", "REDHAT-RHSA-2016-0070.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310807013", "OPENVAS:1361412562310702827", "OPENVAS:1361412562310841621", "OPENVAS:1361412562310808268", "OPENVAS:702827", "OPENVAS:841621"]}, {"type": "cve", "idList": ["CVE-2014-3662", "CVE-2014-3663", "CVE-2014-3667", "CVE-2014-3678", "CVE-2014-3681", "CVE-2014-3661", "CVE-2014-3666", "CVE-2014-3679", "CVE-2014-3664", "CVE-2014-3680"]}, {"type": "f5", "idList": ["SOL63443590", "F5:K63443590", "F5:K48758740"]}, {"type": "redhat", "idList": ["RHSA-2013:1428", "RHSA-2016:0070", "RHSA-2013:1442", "RHSA-2013:1429", "RHSA-2013:1448"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14233", "SECURITYVULNS:DOC:30086", "SECURITYVULNS:VULN:13441", "SECURITYVULNS:VULN:14601"]}, {"type": "suse", "idList": ["SUSE-SU-2013:1660-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2827-1:2E9E3"]}, {"type": "ubuntu", "idList": ["USN-2029-1"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2016-2367955", "ORACLE:CPUJAN2015-1972971", "ORACLE:CPUJAN2015", "ORACLE:CPUJUL2015-2367936", "ORACLE:CPUJAN2016", "ORACLE:CPUJUL2015"]}], "modified": "2021-01-07T10:43:31", "rev": 2}, "score": {"value": 6.8, "vector": "NONE", "modified": "2021-01-07T10:43:31", "rev": 2}, "vulnersScore": 6.8}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78017);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-2186\", \"CVE-2014-1869\", \"CVE-2014-3661\", \"CVE-2014-3662\", \"CVE-2014-3663\", \"CVE-2014-3664\", \"CVE-2014-3666\", \"CVE-2014-3667\", \"CVE-2014-3678\", \"CVE-2014-3679\", \"CVE-2014-3680\", \"CVE-2014-3681\");\n script_xref(name:\"TRA\", value:\"TRA-2016-23\");\n\n script_name(english:\"FreeBSD : jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS (549a2771-49cc-11e4-ae2c-c80aa9043978)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jenkins Security Advisory :\n\nPlease reference CVE/URL list for details\"\n );\n # https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1236c16f\"\n );\n # https://vuxml.freebsd.org/freebsd/549a2771-49cc-11e4-ae2c-c80aa9043978.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?73da41b2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2016-23\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:jenkins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:jenkins-lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"jenkins<1.583\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"jenkins-lts<1.565.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "pluginID": "78017", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:jenkins", "p-cpe:/a:freebsd:freebsd:jenkins-lts"], "scheme": null}

{"archlinux": [{"lastseen": "2016-09-02T18:44:35", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3666", "CVE-2014-3680", "CVE-2014-3667", "CVE-2014-1869", "CVE-2014-3661", "CVE-2014-3678", "CVE-2014-3681", "CVE-2014-3679", "CVE-2013-2186", "CVE-2014-3663", "CVE-2014-3664", "CVE-2014-3662"], "description": "- SECURITY-87/CVE-2014-3661 (anonymous DoS attack through CLI handshake)\nThis vulnerability allows unauthenticated users with access to Jenkins'\nHTTP/HTTPS port to mount a DoS attack on Jenkins through thread exhaustion.\n\n- SECURITY-110/CVE-2014-3662 (User name discovery)\nAnonymous users can test if the user of a specific name exists or not\nthrough login attempts.\n\n- SECURITY-127&amp;128/CVE-2014-3663 (privilege escalation in job\nconfiguration permission)\nAn user with a permission limited to Job/CONFIGURE can exploit this\nvulnerability to effectively create a new job, which should have been\nonly possible for users with Job/CREATE permission, or to destroy jobs\nthat he/she does not have access otherwise.\n\n- SECURITY-131/CVE-2014-3664 (directory traversal attack)\nUsers with Overall/READ permission can access arbitrary files in the\nfile system readable by the Jenkins process, resulting in the exposure\nof sensitive information, such as encryption keys.\n\n- SECURITY-138/CVE-2014-3680 (Password exposure in DOM)\nIf a parameterized job has a default value in a password field, that\ndefault value gets exposed to users with Job/READ permission.\n\n- SECURITY-143/CVE-2014-3681 (XSS vulnerability in Jenkins core)\nReflected cross-site scripting vulnerability in Jenkins core. An\nattacker can navigate the user to a carefully crafted URL and have the\nuser execute unintended actions.\n\n- SECURITY-150/CVE-2014-3666 (remote code execution from CLI)\nUnauthenticated user can execute arbitrary code on Jenkins master by\nsending carefully crafted packets over the CLI channel.\n\n- SECURITY-155/CVE-2014-3667 (exposure of plugin code)\nPrograms that constitute plugins can be downloaded by anyone with the\nOverall/READ permission, resulting in the exposure of otherwise\nsensitive information, such as hard-coded keys in plugins, if any.\n\n- SECURITY-159/CVE-2013-2186 (arbitrary file system write)\nSecurity vulnerability in commons fileupload allows unauthenticated\nattacker to upload arbitrary files to Jenkins master.\n\n- SECURITY-149/CVE-2014-1869 (XSS vulnerabilities in ZeroClipboard)\nreflective XSS vulnerability in one of the library dependencies of Jenkins.\n\n- SECURITY-113/CVE-2014-3678 (XSS vulnerabilities in monitoring plugin)\nMonitoring plugin allows an attacker to cause a victim into executing\nunwanted actions on Jenkins instance.\n\n- SECURITY-113/CVE-2014-3679 (hole in access control)\nCertain pages in monitoring plugin are visible to anonymous users,\nallowing them to gain information that they are not supposed to.", "modified": "2014-10-02T00:00:00", "published": "2014-10-02T00:00:00", "id": "ASA-201410-2", "href": "https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html", "type": "archlinux", "title": "jenkins: multiple issues", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:24", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3666", "CVE-2014-3680", "CVE-2014-3667", "CVE-2014-1869", "CVE-2014-3661", "CVE-2014-3678", "CVE-2014-3681", "CVE-2014-3679", "CVE-2013-2186", "CVE-2014-3663", "CVE-2014-3664", "CVE-2014-3662"], "description": "\nJenkins Security Advisory:\n\nPlease reference CVE/URL list for details\n\n", "edition": 6, "modified": "2014-10-01T00:00:00", "published": "2014-10-01T00:00:00", "id": "549A2771-49CC-11E4-AE2C-C80AA9043978", "href": "https://vuxml.freebsd.org/freebsd/549a2771-49cc-11e4-ae2c-c80aa9043978.html", "title": "jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-20T11:36:10", "description": "The remote web server hosts a version of Jenkins (open source) or\nCloudBees Jenkins Enterprise that is affected by multiple\nvulnerabilities :\n\n - An error exists related to file upload processing that\n allows a remote attacker to overwrite arbitrary files.\n (CVE-2013-2186)\n\n - An input validation error exists related to the included\n 'ZeroClipboard' component that allows cross-site\n scripting attacks. (CVE-2014-1869)\n\n - An error exists related to 'CLI handshake' handling that\n allows denial of service attacks. (CVE-2014-3661)\n\n - An error exists related to handling login attempts using\n non-existent or incorrect account names that allows a\n remote attacker to enumerate application user names.\n (CVE-2014-3662)\n\n - An error exists related to handling users having\n 'Job/CONFIGURE' permissions that allows such users to\n perform actions meant only for 'Job/CREATE' permissions.\n (CVE-2014-3663)\n\n - An error exists related to handling users having\n 'Overall/READ' permissions that allows directory\n traversal attacks. (CVE-2014-3664)\n\n - An error exists related to the 'CLI channel' that allows\n arbitrary code execution by a remote attacker on the\n Jenkins master. (CVE-2014-3666)\n\n - An error exists related to handling users having\n 'Overall/READ' permissions that allows plugin source\n code to be disclosed. (CVE-2014-3667)\n\n - An input validation error exists related to the\n 'Monitoring' plugin that allows cross-site scripting\n attacks. (CVE-2014-3678)\n\n - An error exists related to the 'Monitoring' plugin that\n allows unauthorized access to sensitive information.\n (CVE-2014-3679)\n\n - An error exists related to handling users having\n 'Job/READ' permissions that allows such users to\n obtain default passwords belonging to parameterized\n jobs. (CVE-2014-3680)\n\n - An unspecified input validation error allows cross-site\n scripting attacks. (CVE-2014-3681)", "edition": 27, "published": "2014-11-04T00:00:00", "title": "Jenkins < 1.583 / 1.565.3 and Jenkins Enterprise 1.532.x / 1.554.x / 1.565.x < 1.532.10.1 / 1.554.10.1 / 1.565.3.1 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3666", "CVE-2014-3680", "CVE-2014-3667", "CVE-2014-1869", "CVE-2014-3661", "CVE-2014-3678", "CVE-2014-3681", "CVE-2014-3679", "CVE-2013-2186", "CVE-2014-3663", "CVE-2014-3664", "CVE-2014-3662"], "modified": "2014-11-04T00:00:00", "cpe": ["cpe:/a:cloudbees:jenkins", "cpe:/a:jenkins-ci:monitoring_plugin"], "id": "JENKINS_1_583.NASL", "href": "https://www.tenable.com/plugins/nessus/78859", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78859);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\n \"CVE-2013-2186\",\n \"CVE-2014-1869\",\n \"CVE-2014-3661\",\n \"CVE-2014-3662\",\n \"CVE-2014-3663\",\n \"CVE-2014-3664\",\n \"CVE-2014-3666\",\n \"CVE-2014-3667\",\n \"CVE-2014-3678\",\n \"CVE-2014-3679\",\n \"CVE-2014-3680\",\n \"CVE-2014-3681\"\n );\n script_bugtraq_id(63174, 65484);\n\n script_name(english:\"Jenkins < 1.583 / 1.565.3 and Jenkins Enterprise 1.532.x / 1.554.x / 1.565.x < 1.532.10.1 / 1.554.10.1 / 1.565.3.1 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Jenkins version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server hosts a job scheduling and management system\nthat is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote web server hosts a version of Jenkins (open source) or\nCloudBees Jenkins Enterprise that is affected by multiple\nvulnerabilities :\n\n - An error exists related to file upload processing that\n allows a remote attacker to overwrite arbitrary files.\n (CVE-2013-2186)\n\n - An input validation error exists related to the included\n 'ZeroClipboard' component that allows cross-site\n scripting attacks. (CVE-2014-1869)\n\n - An error exists related to 'CLI handshake' handling that\n allows denial of service attacks. (CVE-2014-3661)\n\n - An error exists related to handling login attempts using\n non-existent or incorrect account names that allows a\n remote attacker to enumerate application user names.\n (CVE-2014-3662)\n\n - An error exists related to handling users having\n 'Job/CONFIGURE' permissions that allows such users to\n perform actions meant only for 'Job/CREATE' permissions.\n (CVE-2014-3663)\n\n - An error exists related to handling users having\n 'Overall/READ' permissions that allows directory\n traversal attacks. (CVE-2014-3664)\n\n - An error exists related to the 'CLI channel' that allows\n arbitrary code execution by a remote attacker on the\n Jenkins master. (CVE-2014-3666)\n\n - An error exists related to handling users having\n 'Overall/READ' permissions that allows plugin source\n code to be disclosed. (CVE-2014-3667)\n\n - An input validation error exists related to the\n 'Monitoring' plugin that allows cross-site scripting\n attacks. (CVE-2014-3678)\n\n - An error exists related to the 'Monitoring' plugin that\n allows unauthorized access to sensitive information.\n (CVE-2014-3679)\n\n - An error exists related to handling users having\n 'Job/READ' permissions that allows such users to\n obtain default passwords belonging to parameterized\n jobs. (CVE-2014-3680)\n\n - An unspecified input validation error allows cross-site\n scripting attacks. (CVE-2014-3681)\");\n # https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1236c16f\");\n # https://www.cloudbees.com/jenkins-security-advisory-2014-10-01\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8f0783e9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Jenkins 1.583 / 1.565.3 or Jenkins Enterprise 1.532.10.1 /\n1.554.10.1 / 1.565.3.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:cloudbees:jenkins\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:jenkins-ci:monitoring_plugin\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jenkins_detect.nasl\");\n script_require_keys(\"www/Jenkins\");\n script_require_ports(\"Services/www\", 8080);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:8080);\n\nget_kb_item_or_exit(\"www/Jenkins/\"+port+\"/Installed\");\n\n# Check if install is Enterprise\nenterprise_installed = get_kb_item(\"www/Jenkins/\"+port+\"/enterprise/Installed\");\nif (!isnull(enterprise_installed)) appname = \"Jenkins Enterprise by CloudBees\";\nelse appname = \"Jenkins Open Source\";\n\nurl = build_url(qs:'/', port:port);\n\nversion = get_kb_item_or_exit(\"www/Jenkins/\"+port+\"/JenkinsVersion\");\nif (version == \"unknown\") audit(AUDIT_UNKNOWN_WEB_APP_VER, appname, url);\n\nif (report_paranoia < 2 && isnull(enterprise_installed)) audit(AUDIT_PARANOID);\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\nif (max_index(ver) < 2) audit(AUDIT_VER_NOT_GRANULAR, appname, port, version);\n\nif (\n report_paranoia > 1 && isnull(enterprise_installed) &&\n (\n ver_compare(ver:version, fix:'1.565.3', strict:FALSE) < 0 || # LTS version\n (\n ver[0] == 1 && ver[1] > 565 && ver[1] < 583 && # flag vulnerable major version releases,\n max_index(ver) < 3 # but not future LTS releases\n )\n )\n)\n{\n vuln = TRUE;\n fixed = \"1.583 / 1.565.3\";\n}\n\n# Check Enterprise ranges\n# 1.565.1.1 up to 1.565.2.x\n# 1.554.1.1 up to 1.554.9.x\n# 1.532.1.1 up to 1.532.9.x\nif (\n enterprise_installed &&\n (\n # All previous\n (ver[0] < 1 || (ver[0] == 1 && ver[1] < 509))\n ||\n # 1.565.1.1 up to 1.565.2.x\n (ver[0] == 1 && ver[1] == 565 && ((ver[2] == 1 && ver[3] >= 1) || (ver[2] == 2)))\n ||\n # 1.554.1.1 up to 1.554.9.x\n (ver[0] == 1 && ver[1] == 554 && ((ver[2] < 1 && ver[3] >= 1) || (ver[2] >= 2 && ver[2] <= 9)))\n ||\n # 1.532.1.1 up to 1.532.9.x\n (ver[0] == 1 && ver[1] == 532 && ((ver[2] < 1 && ver[3] >= 1) || (ver[2] >= 2 && ver[2] <= 9)))\n )\n)\n{\n vuln = TRUE;\n fixed = \"1.532.10.1 / 1.554.10.1 / 1.565.3.1\";\n}\n\nif (vuln)\n{\n set_kb_item(name:\"www/\"+port+\"/XSS\", value:TRUE);\n\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' + url +\n '\\n Product : ' + appname +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed +\n '\\n';\n\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, appname, url, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T05:06:07", "description": "Red Hat OpenShift Enterprise release 3.1.1 is now available with\nupdates to packages that fix several security issues, bugs and\nintroduce feature enhancements.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nOpenShift Enterprise by Red Hat is the company's cloud computing\nPlatform-as-a-Service (PaaS) solution designed for on-premise or\nprivate cloud deployments.\n\nThe following security issues are addressed with this release :\n\nAn authorization flaw was discovered in Kubernetes; the API server did\nnot properly check user permissions when handling certain requests. An\nauthenticated remote attacker could use this flaw to gain additional\naccess to resources such as RAM and disk space. (CVE-2016-1905)\n\nAn authorization flaw was discovered in Kubernetes; the API server did\nnot properly check user permissions when handling certain build-\nconfiguration strategies. A remote attacker could create build\nconfigurations with strategies that violate policy. Although the\nattacker could not launch the build themselves (launch fails when the\npolicy is violated), if the build configuration files were later\nlaunched by other privileged services (such as automated triggers),\nuser privileges could be bypassed allowing attacker escalation.\n(CVE-2016-1906)\n\nAn update for Jenkins Continuous Integration Server that addresses a\nlarge number of security issues including XSS, CSRF, information\ndisclosure and code execution have been addressed as well.\n(CVE-2013-2186, CVE-2014-1869, CVE-2014-3661, CVE-2014-3662\nCVE-2014-3663, CVE-2014-3664, CVE-2014-3666, CVE-2014-3667\nCVE-2014-3680, CVE-2014-3681, CVE-2015-1806, CVE-2015-1807\nCVE-2015-1808, CVE-2015-1810, CVE-2015-1812, CVE-2015-1813\nCVE-2015-1814, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319\nCVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323\nCVE-2015-5324, CVE-2015-5325, CVE-2015-5326 ,CVE-2015-7537\nCVE-2015-7538, CVE-2015-7539, CVE-2015-8103)\n\nSpace precludes documenting all of the bug fixes and enhancements in\nthis advisory. See the OpenShift Enterprise 3.1 Release Notes, which\nwill be updated shortly for release 3.1.1, for details about these\nchanges :\n\nhttps://docs.openshift.com/enterprise/3.1/release_notes/\nose_3_1_release_notes.html\n\nAll OpenShift Enterprise 3 users are advised to upgrade to these\nupdated packages.", "edition": 20, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-12-06T00:00:00", "title": "RHEL 7 : openshift (RHSA-2016:0070)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3666", "CVE-2014-3680", "CVE-2014-3667", "CVE-2015-5323", "CVE-2016-1906", "CVE-2015-1814", "CVE-2015-1806", "CVE-2015-1812", "CVE-2015-1808", "CVE-2015-7537", "CVE-2014-1869", "CVE-2014-3661", "CVE-2014-3681", "CVE-2015-7539", "CVE-2015-1810", "CVE-2015-7538", "CVE-2013-2186", "CVE-2015-5324", "CVE-2015-5319", "CVE-2015-1807", "CVE-2014-3663", "CVE-2015-5322", "CVE-2015-5317", "CVE-2015-5321", "CVE-2015-5320", "CVE-2015-5318", "CVE-2015-5326", "CVE-2016-1905", "CVE-2015-1813", "CVE-2015-5325", "CVE-2014-3664", "CVE-2015-8103", "CVE-2014-3662"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openshift-ansible-filter-plugins", "p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.isarguments", "p-cpe:/a:redhat:enterprise_linux:nodejs-ansi-wrap", "p-cpe:/a:redhat:enterprise_linux:nodejs-object-assign", "p-cpe:/a:redhat:enterprise_linux:nodejs-repeat-element", "p-cpe:/a:redhat:enterprise_linux:nodejs-package-json", "p-cpe:/a:redhat:enterprise_linux:nodejs-touch", "p-cpe:/a:redhat:enterprise_linux:tuned-profiles-atomic-openshift-node", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod", "p-cpe:/a:redhat:enterprise_linux:nodejs-is-primitive", "p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.isarray", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-dockerregistry", "p-cpe:/a:redhat:enterprise_linux:nodejs-fill-range", "p-cpe:/a:redhat:enterprise_linux:nodejs-ps-tree", "p-cpe:/a:redhat:enterprise_linux:openvswitch-test", "p-cpe:/a:redhat:enterprise_linux:openvswitch-devel", "p-cpe:/a:redhat:enterprise_linux:nodejs-readdirp", "p-cpe:/a:redhat:enterprise_linux:nodejs-isobject", "p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.restparam", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift", "p-cpe:/a:redhat:enterprise_linux:nodejs-arrify", "p-cpe:/a:redhat:enterprise_linux:nodejs-normalize-path", "p-cpe:/a:redhat:enterprise_linux:nodejs-xdg-basedir", "p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.bindcallback", "p-cpe:/a:redhat:enterprise_linux:nodejs-end-of-stream", "p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.assign", "p-cpe:/a:redhat:enterprise_linux:nodejs-is-equal-shallow", "p-cpe:/a:redhat:enterprise_linux:nodejs-is-dotfile", "p-cpe:/a:redhat:enterprise_linux:nodejs-update-notifier", "p-cpe:/a:redhat:enterprise_linux:nodejs-is-number", "p-cpe:/a:redhat:enterprise_linux:nodejs-pause-stream", "p-cpe:/a:redhat:enterprise_linux:nodejs-lowercase-keys", "p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node", "p-cpe:/a:redhat:enterprise_linux:nodejs-url-parse-lax", "p-cpe:/a:redhat:enterprise_linux:jenkins", "p-cpe:/a:redhat:enterprise_linux:nodejs-expand-brackets", "p-cpe:/a:redhat:enterprise_linux:nodejs-is-extglob", "p-cpe:/a:redhat:enterprise_linux:nodejs-error-ex", "p-cpe:/a:redhat:enterprise_linux:nodejs-filename-regex", "p-cpe:/a:redhat:enterprise_linux:openshift-ansible-lookup-plugins", "p-cpe:/a:redhat:enterprise_linux:python-openvswitch", "p-cpe:/a:redhat:enterprise_linux:nodejs-stream-combiner", "p-cpe:/a:redhat:enterprise_linux:nodejs-rc", "p-cpe:/a:redhat:enterprise_linux:nodejs-write-file-atomic", "p-cpe:/a:redhat:enterprise_linux:nodejs-preserve", "p-cpe:/a:redhat:enterprise_linux:nodejs-strip-json-comments", "p-cpe:/a:redhat:enterprise_linux:nodejs-optimist", "p-cpe:/a:redhat:enterprise_linux:nodejs-registry-url", "p-cpe:/a:redhat:enterprise_linux:nodejs-glob-parent", "p-cpe:/a:redhat:enterprise_linux:openshift-ansible-roles", "p-cpe:/a:redhat:enterprise_linux:nodejs-node-status-codes", "p-cpe:/a:redhat:enterprise_linux:nodejs-os-tmpdir", "p-cpe:/a:redhat:enterprise_linux:nodejs-map-stream", "p-cpe:/a:redhat:enterprise_linux:nodejs-micromatch", "p-cpe:/a:redhat:enterprise_linux:nodejs-mkdirp", "p-cpe:/a:redhat:enterprise_linux:nodejs-semver-diff", "p-cpe:/a:redhat:enterprise_linux:nodejs-slide", "p-cpe:/a:redhat:enterprise_linux:nodejs-braces", "p-cpe:/a:redhat:enterprise_linux:nodejs-create-error-class", "p-cpe:/a:redhat:enterprise_linux:nodejs-extglob", "p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.keys", "p-cpe:/a:redhat:enterprise_linux:nodejs-is-npm", "p-cpe:/a:redhat:enterprise_linux:nodejs-string-length", "p-cpe:/a:redhat:enterprise_linux:nodejs-is-glob", "p-cpe:/a:redhat:enterprise_linux:nodejs-align-text", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable", "p-cpe:/a:redhat:enterprise_linux:nodejs-kind-of", "p-cpe:/a:redhat:enterprise_linux:nodejs-duplexer", "p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.defaults", "p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.createassigner", "p-cpe:/a:redhat:enterprise_linux:nodejs-arr-diff", "p-cpe:/a:redhat:enterprise_linux:nodejs-object.omit", "p-cpe:/a:redhat:enterprise_linux:nodejs-undefsafe", "p-cpe:/a:redhat:enterprise_linux:nodejs-timed-out", "p-cpe:/a:redhat:enterprise_linux:nodejs-parse-json", "p-cpe:/a:redhat:enterprise_linux:nodejs-got", "p-cpe:/a:redhat:enterprise_linux:openshift-ansible-docs", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:nodejs-uuid", "p-cpe:/a:redhat:enterprise_linux:nodejs-from", "p-cpe:/a:redhat:enterprise_linux:nodejs-for-in", "p-cpe:/a:redhat:enterprise_linux:openvswitch-debuginfo", "p-cpe:/a:redhat:enterprise_linux:heapster", "p-cpe:/a:redhat:enterprise_linux:nodejs-is-plain-obj", "p-cpe:/a:redhat:enterprise_linux:nodejs-event-stream", "p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.baseassign", "p-cpe:/a:redhat:enterprise_linux:nodejs-duplexify", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-utils", "p-cpe:/a:redhat:enterprise_linux:nodejs-array-unique", "p-cpe:/a:redhat:enterprise_linux:nodejs-glob-base", "p-cpe:/a:redhat:enterprise_linux:nodejs-is-extendable", "p-cpe:/a:redhat:enterprise_linux:nodejs-expand-range", "p-cpe:/a:redhat:enterprise_linux:nodejs-through", "p-cpe:/a:redhat:enterprise_linux:nodejs-ini", "p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.getnative", "p-cpe:/a:redhat:enterprise_linux:nodejs-is-binary-path", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master", "p-cpe:/a:redhat:enterprise_linux:nodejs-read-all-stream", "p-cpe:/a:redhat:enterprise_linux:nodejs-deep-extend", "p-cpe:/a:redhat:enterprise_linux:nodejs-is-redirect", "p-cpe:/a:redhat:enterprise_linux:nodejs-latest-version", "p-cpe:/a:redhat:enterprise_linux:nodejs-es6-promise", "p-cpe:/a:redhat:enterprise_linux:nodejs-for-own", "p-cpe:/a:redhat:enterprise_linux:nodejs-randomatic", "p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.basecopy", "p-cpe:/a:redhat:enterprise_linux:nodejs-success-symbol", "p-cpe:/a:redhat:enterprise_linux:nodejs-split", "p-cpe:/a:redhat:enterprise_linux:nodejs-prepend-http", "p-cpe:/a:redhat:enterprise_linux:nodejs-pinkie", "p-cpe:/a:redhat:enterprise_linux:openvswitch", "p-cpe:/a:redhat:enterprise_linux:nodejs-capture-stack-trace", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs", "p-cpe:/a:redhat:enterprise_linux:openshift-ansible", "p-cpe:/a:redhat:enterprise_linux:nodejs-regex-cache", "p-cpe:/a:redhat:enterprise_linux:nodejs-configstore", "p-cpe:/a:redhat:enterprise_linux:nodejs-is-stream", "p-cpe:/a:redhat:enterprise_linux:nodejs-binary-extensions", "p-cpe:/a:redhat:enterprise_linux:nodejs-graceful-fs", "p-cpe:/a:redhat:enterprise_linux:nodejs-parse-glob", "p-cpe:/a:redhat:enterprise_linux:openshift-ansible-playbooks", "p-cpe:/a:redhat:enterprise_linux:origin-kibana", "p-cpe:/a:redhat:enterprise_linux:nodejs-ansi-green", "p-cpe:/a:redhat:enterprise_linux:nodejs-anymatch", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-recycle", "p-cpe:/a:redhat:enterprise_linux:nodejs-os-homedir", "p-cpe:/a:redhat:enterprise_linux:nss_wrapper-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nodejs-chokidar", "p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.isiterateecall", "p-cpe:/a:redhat:enterprise_linux:nodejs-async-each", "p-cpe:/a:redhat:enterprise_linux:nodejs-arr-flatten", "p-cpe:/a:redhat:enterprise_linux:nodejs-unzip-response", "p-cpe:/a:redhat:enterprise_linux:nss_wrapper", "p-cpe:/a:redhat:enterprise_linux:nodejs-semver", "p-cpe:/a:redhat:enterprise_linux:nodejs-osenv", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients", "p-cpe:/a:redhat:enterprise_linux:nodejs-lazy-cache", "p-cpe:/a:redhat:enterprise_linux:nodejs-pinkie-promise"], "id": "REDHAT-RHSA-2016-0070.NASL", "href": "https://www.tenable.com/plugins/nessus/119442", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0070. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119442);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/24 15:35:41\");\n\n script_cve_id(\"CVE-2013-2186\", \"CVE-2014-1869\", \"CVE-2014-3661\", \"CVE-2014-3662\", \"CVE-2014-3663\", \"CVE-2014-3664\", \"CVE-2014-3666\", \"CVE-2014-3667\", \"CVE-2014-3680\", \"CVE-2014-3681\", \"CVE-2015-1806\", \"CVE-2015-1807\", \"CVE-2015-1808\", \"CVE-2015-1810\", \"CVE-2015-1812\", \"CVE-2015-1813\", \"CVE-2015-1814\", \"CVE-2015-5317\", \"CVE-2015-5318\", \"CVE-2015-5319\", \"CVE-2015-5320\", \"CVE-2015-5321\", \"CVE-2015-5322\", \"CVE-2015-5323\", \"CVE-2015-5324\", \"CVE-2015-5325\", \"CVE-2015-5326\", \"CVE-2015-7537\", \"CVE-2015-7538\", \"CVE-2015-7539\", \"CVE-2015-8103\", \"CVE-2016-1905\", \"CVE-2016-1906\");\n script_xref(name:\"RHSA\", value:\"2016:0070\");\n script_xref(name:\"TRA\", value:\"TRA-2016-23\");\n\n script_name(english:\"RHEL 7 : openshift (RHSA-2016:0070)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Red Hat OpenShift Enterprise release 3.1.1 is now available with\nupdates to packages that fix several security issues, bugs and\nintroduce feature enhancements.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nOpenShift Enterprise by Red Hat is the company's cloud computing\nPlatform-as-a-Service (PaaS) solution designed for on-premise or\nprivate cloud deployments.\n\nThe following security issues are addressed with this release :\n\nAn authorization flaw was discovered in Kubernetes; the API server did\nnot properly check user permissions when handling certain requests. An\nauthenticated remote attacker could use this flaw to gain additional\naccess to resources such as RAM and disk space. (CVE-2016-1905)\n\nAn authorization flaw was discovered in Kubernetes; the API server did\nnot properly check user permissions when handling certain build-\nconfiguration strategies. A remote attacker could create build\nconfigurations with strategies that violate policy. Although the\nattacker could not launch the build themselves (launch fails when the\npolicy is violated), if the build configuration files were later\nlaunched by other privileged services (such as automated triggers),\nuser privileges could be bypassed allowing attacker escalation.\n(CVE-2016-1906)\n\nAn update for Jenkins Continuous Integration Server that addresses a\nlarge number of security issues including XSS, CSRF, information\ndisclosure and code execution have been addressed as well.\n(CVE-2013-2186, CVE-2014-1869, CVE-2014-3661, CVE-2014-3662\nCVE-2014-3663, CVE-2014-3664, CVE-2014-3666, CVE-2014-3667\nCVE-2014-3680, CVE-2014-3681, CVE-2015-1806, CVE-2015-1807\nCVE-2015-1808, CVE-2015-1810, CVE-2015-1812, CVE-2015-1813\nCVE-2015-1814, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319\nCVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323\nCVE-2015-5324, CVE-2015-5325, CVE-2015-5326 ,CVE-2015-7537\nCVE-2015-7538, CVE-2015-7539, CVE-2015-8103)\n\nSpace precludes documenting all of the bug fixes and enhancements in\nthis advisory. See the OpenShift Enterprise 3.1 Release Notes, which\nwill be updated shortly for release 3.1.1, for details about these\nchanges :\n\nhttps://docs.openshift.com/enterprise/3.1/release_notes/\nose_3_1_release_notes.html\n\nAll OpenShift Enterprise 3 users are advised to upgrade to these\nupdated packages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:0070\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-2186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-1869\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3661\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3662\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3663\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1807\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1808\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1810\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1812\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5317\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7537\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-8103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2016-23\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'OpenNMS Java Object Unserialization Remote Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-dockerregistry\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-recycle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:heapster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jenkins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-align-text\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-ansi-green\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-ansi-wrap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-anymatch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-arr-diff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-arr-flatten\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-array-unique\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-arrify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-async-each\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-binary-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-braces\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-capture-stack-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-chokidar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-configstore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-create-error-class\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-deep-extend\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-duplexer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-duplexify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-end-of-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-error-ex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-es6-promise\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-event-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-expand-brackets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-expand-range\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-extglob\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-filename-regex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-fill-range\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-for-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-for-own\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-from\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-glob-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-glob-parent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-got\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-graceful-fs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-ini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-is-binary-path\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-is-dotfile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-is-equal-shallow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-is-extendable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-is-extglob\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-is-glob\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-is-npm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-is-number\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-is-plain-obj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-is-primitive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-is-redirect\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-is-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-isobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-kind-of\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-latest-version\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lazy-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.assign\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.baseassign\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.basecopy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.bindcallback\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.createassigner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.defaults\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.getnative\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.isarguments\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.isarray\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.isiterateecall\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.restparam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-lowercase-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-map-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-micromatch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-mkdirp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-node-status-codes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-normalize-path\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-object-assign\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-object.omit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-optimist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-os-homedir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-os-tmpdir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-osenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-package-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-parse-glob\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-parse-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-pause-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-pinkie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-pinkie-promise\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-prepend-http\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-preserve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-ps-tree\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-randomatic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-rc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-read-all-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-readdirp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-regex-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-registry-url\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-repeat-element\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-semver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-semver-diff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-slide\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-split\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-stream-combiner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-string-length\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-strip-json-comments\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-success-symbol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-through\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-timed-out\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-touch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-undefsafe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-unzip-response\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-update-notifier\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-url-parse-lax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-uuid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-write-file-atomic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nodejs-xdg-basedir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss_wrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss_wrapper-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-ansible\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-filter-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-lookup-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-playbooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-roles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:origin-kibana\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-openvswitch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tuned-profiles-atomic-openshift-node\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:0070\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_exists(rpm:\"atomic-openshift-3.1\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-3.1.1.6-1.git.0.b57e8bd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-clients-3.1\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-clients-3.1.1.6-1.git.0.b57e8bd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-clients-redistributable-3.1\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-clients-redistributable-3.1.1.6-1.git.0.b57e8bd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-dockerregistry-3.1\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-dockerregistry-3.1.1.6-1.git.0.b57e8bd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-master-3.1\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-master-3.1.1.6-1.git.0.b57e8bd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-node-3.1\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-node-3.1.1.6-1.git.0.b57e8bd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-pod-3.1\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-pod-3.1.1.6-1.git.0.b57e8bd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-recycle-3.1\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-recycle-3.1.1.6-1.git.0.b57e8bd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-sdn-ovs-3.1\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-sdn-ovs-3.1.1.6-1.git.0.b57e8bd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-utils-3.0\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"atomic-openshift-utils-3.0.35-1.git.0.6a386dd.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"heapster-0.18.2-3.gitaf4752e.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jenkins-1.625.3-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-align-text-0.1.3-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-ansi-green-0.1.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-ansi-wrap-0.1.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-anymatch-1.3.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-arr-diff-2.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-arr-flatten-1.0.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-array-unique-0.2.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-arrify-1.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-async-each-1.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-binary-extensions-1.3.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-braces-1.8.2-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-capture-stack-trace-1.0.0-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-chokidar-1.4.1-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-configstore-1.4.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-create-error-class-2.0.1-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-deep-extend-0.3.2-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-duplexer-0.1.1-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-duplexify-3.4.2-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-end-of-stream-1.1.0-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-error-ex-1.2.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-es6-promise-3.0.2-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-event-stream-3.3.2-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-expand-brackets-0.1.4-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-expand-range-1.8.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-extglob-0.3.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-filename-regex-2.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-fill-range-2.2.3-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-for-in-0.1.4-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-for-own-0.1.3-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-from-0.1.3-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-glob-base-0.3.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-glob-parent-2.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-got-5.2.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-graceful-fs-4.1.2-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-ini-1.1.0-6.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-is-binary-path-1.0.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-is-dotfile-1.0.2-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-is-equal-shallow-0.1.3-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-is-extendable-0.1.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-is-extglob-1.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-is-glob-2.0.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-is-npm-1.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-is-number-2.1.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-is-plain-obj-1.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-is-primitive-2.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-is-redirect-1.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-is-stream-1.0.1-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-isobject-2.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-kind-of-3.0.2-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-latest-version-2.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lazy-cache-1.0.2-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lodash.assign-3.2.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lodash.baseassign-3.2.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lodash.basecopy-3.0.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lodash.bindcallback-3.0.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lodash.createassigner-3.1.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lodash.defaults-3.1.2-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lodash.getnative-3.9.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lodash.isarguments-3.0.4-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lodash.isarray-3.0.4-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lodash.isiterateecall-3.0.9-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lodash.keys-3.1.2-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lodash.restparam-3.6.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-lowercase-keys-1.0.0-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-map-stream-0.1.0-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-micromatch-2.3.5-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-mkdirp-0.5.0-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-node-status-codes-1.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-nodemon-1.8.1-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-normalize-path-2.0.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-object-assign-4.0.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-object.omit-2.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-optimist-0.4.0-5.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-os-homedir-1.0.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-os-tmpdir-1.0.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-osenv-0.1.0-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-package-json-2.3.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-parse-glob-3.0.4-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-parse-json-2.2.0-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-pause-stream-0.0.11-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-pinkie-2.0.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-pinkie-promise-2.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-prepend-http-1.0.1-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-preserve-0.2.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-ps-tree-1.0.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-randomatic-1.1.5-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-rc-1.1.2-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-read-all-stream-3.0.1-3.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-readdirp-2.0.0-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-regex-cache-0.4.2-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-registry-url-3.0.3-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-repeat-element-1.1.2-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-semver-5.1.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-semver-diff-2.1.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-slide-1.1.5-3.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-split-0.3.3-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-stream-combiner-0.2.1-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-string-length-1.0.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-strip-json-comments-1.0.2-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-success-symbol-0.1.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-through-2.3.4-4.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-timed-out-2.0.0-3.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-touch-1.0.0-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-undefsafe-0.0.3-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-unzip-response-1.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-update-notifier-0.6.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-url-parse-lax-1.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-uuid-2.0.1-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-write-file-atomic-1.1.2-2.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nodejs-xdg-basedir-2.0.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"nss_wrapper-1.0.3-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"nss_wrapper-debuginfo-1.0.3-1.el7\")) flag++;\n if (rpm_exists(rpm:\"openshift-ansible-3.0\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"openshift-ansible-3.0.35-1.git.0.6a386dd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"openshift-ansible-docs-3.0\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"openshift-ansible-docs-3.0.35-1.git.0.6a386dd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"openshift-ansible-filter-plugins-3.0\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"openshift-ansible-filter-plugins-3.0.35-1.git.0.6a386dd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"openshift-ansible-lookup-plugins-3.0\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"openshift-ansible-lookup-plugins-3.0.35-1.git.0.6a386dd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"openshift-ansible-playbooks-3.0\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"openshift-ansible-playbooks-3.0.35-1.git.0.6a386dd.el7aos\")) flag++;\n if (rpm_exists(rpm:\"openshift-ansible-roles-3.0\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"openshift-ansible-roles-3.0.35-1.git.0.6a386dd.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openvswitch-2.4.0-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openvswitch-debuginfo-2.4.0-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openvswitch-devel-2.4.0-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"openvswitch-test-2.4.0-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"origin-kibana-0.5.0-1.el7aos\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"python-openvswitch-2.4.0-1.el7\")) flag++;\n if (rpm_exists(rpm:\"tuned-profiles-atomic-openshift-node-3.1\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"tuned-profiles-atomic-openshift-node-3.1.1.6-1.git.0.b57e8bd.el7aos\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"atomic-openshift / atomic-openshift-clients / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:40:10", "description": "It was discovered that Apache Commons FileUpload incorrectly handled\nfile names with NULL bytes in serialized instances. An attacker could\nuse this issue to possibly write to arbitrary files.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2013-11-13T00:00:00", "title": "Ubuntu 10.04 LTS : libcommons-fileupload-java vulnerability (USN-2029-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2186"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libcommons-fileupload-java", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts"], "id": "UBUNTU_USN-2029-1.NASL", "href": "https://www.tenable.com/plugins/nessus/70876", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2029-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70876);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-2186\");\n script_bugtraq_id(63174);\n script_xref(name:\"TRA\", value:\"TRA-2016-23\");\n script_xref(name:\"USN\", value:\"2029-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : libcommons-fileupload-java vulnerability (USN-2029-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Apache Commons FileUpload incorrectly handled\nfile names with NULL bytes in serialized instances. An attacker could\nuse this issue to possibly write to arbitrary files.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2029-1/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2016-23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libcommons-fileupload-java package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcommons-fileupload-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcommons-fileupload-java\", pkgver:\"1.2.1-3ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcommons-fileupload-java\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:48:17", "description": "It was discovered that Apache Commons FileUpload, a package to make it\neasy to add robust, high-performance, file upload capability to\nservlets and web applications, incorrectly handled file names with\nNULL bytes in serialized instances. A remote attacker able to supply a\nserialized instance of the DiskFileItem class, which will be\ndeserialized on a server, could use this flaw to write arbitrary\ncontent to any location on the server that is accessible to the user\nrunning the application server process.", "edition": 15, "published": "2013-12-24T00:00:00", "title": "Debian DSA-2827-1 : libcommons-fileupload-java - arbitrary file upload via deserialization", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2186"], "modified": "2013-12-24T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:libcommons-fileupload-java", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2827.NASL", "href": "https://www.tenable.com/plugins/nessus/71618", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2827. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71618);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2186\");\n script_bugtraq_id(63174);\n script_xref(name:\"DSA\", value:\"2827\");\n script_xref(name:\"TRA\", value:\"TRA-2016-23\");\n\n script_name(english:\"Debian DSA-2827-1 : libcommons-fileupload-java - arbitrary file upload via deserialization\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Apache Commons FileUpload, a package to make it\neasy to add robust, high-performance, file upload capability to\nservlets and web applications, incorrectly handled file names with\nNULL bytes in serialized instances. A remote attacker able to supply a\nserialized instance of the DiskFileItem class, which will be\ndeserialized on a server, could use this flaw to write arbitrary\ncontent to any location on the server that is accessible to the user\nrunning the application server process.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726601\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/libcommons-fileupload-java\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/libcommons-fileupload-java\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2016-23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libcommons-fileupload-java packages.\n\nFor the oldstable distribution (squeeze), this problem has been fixed\nin version 1.2.2-1+deb6u1.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.2.2-1+deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcommons-fileupload-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libcommons-fileupload-java\", reference:\"1.2.2-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcommons-fileupload-java-doc\", reference:\"1.2.2-1+deb6u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libcommons-fileupload-java\", reference:\"1.2.2-1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libcommons-fileupload-java-doc\", reference:\"1.2.2-1+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:13:05", "description": "An updated jakarta-commons-fileupload package that fixes one security\nissue is now available for Red Hat JBoss Web Server 1.0.2 for Red Hat\nEnterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Apache Commons FileUpload component can be used to add a file\nupload capability to your applications.\n\nA flaw was found in the way the DiskFileItem class handled NULL\ncharacters in file names. A remote attacker able to supply a\nserialized instance of the DiskFileItem class, which will be\ndeserialized on a server, could use this flaw to write arbitrary\ncontent to any location on the server that is accessible to the user\nrunning the application server process. (CVE-2013-2186)\n\nWarning: Before applying the update, back up your existing Red Hat\nJBoss Enterprise Web Server installation (including all applications\nand configuration files).\n\nAll users of Red Hat JBoss Web Server 1.0.2 on Red Hat Enterprise\nLinux 5 and 6 are advised to upgrade to this updated package. The\nJBoss server process must be restarted for the update to take effect.", "edition": 24, "published": "2014-11-08T00:00:00", "title": "RHEL 5 / 6 : JBoss Web Server (RHSA-2013:1428)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2186"], "modified": "2014-11-08T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-fileupload", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-1428.NASL", "href": "https://www.tenable.com/plugins/nessus/78973", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1428. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78973);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-2186\");\n script_bugtraq_id(63174);\n script_xref(name:\"RHSA\", value:\"2013:1428\");\n script_xref(name:\"TRA\", value:\"TRA-2016-23\");\n\n script_name(english:\"RHEL 5 / 6 : JBoss Web Server (RHSA-2013:1428)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated jakarta-commons-fileupload package that fixes one security\nissue is now available for Red Hat JBoss Web Server 1.0.2 for Red Hat\nEnterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe Apache Commons FileUpload component can be used to add a file\nupload capability to your applications.\n\nA flaw was found in the way the DiskFileItem class handled NULL\ncharacters in file names. A remote attacker able to supply a\nserialized instance of the DiskFileItem class, which will be\ndeserialized on a server, could use this flaw to write arbitrary\ncontent to any location on the server that is accessible to the user\nrunning the application server process. (CVE-2013-2186)\n\nWarning: Before applying the update, back up your existing Red Hat\nJBoss Enterprise Web Server installation (including all applications\nand configuration files).\n\nAll users of Red Hat JBoss Web Server 1.0.2 on Red Hat Enterprise\nLinux 5 and 6 are advised to upgrade to this updated package. The\nJBoss server process must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:1428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-2186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2016-23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-fileupload package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-fileupload\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:1428\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"mod_cluster\") || rpm_exists(release:\"RHEL6\", rpm:\"mod_cluster\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss Web Server\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"jakarta-commons-fileupload-1.1.1-7.7.ep5.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-fileupload-1.1.1-7.7.ep5.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-fileupload\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T14:38:44", "description": "jakarta-commons-fileupload received a security fix :\n\n - A poison null byte flaw was found in the implementation\n of the DiskFileItem class. A remote attacker could able\n to supply a serialized instance of the DiskFileItem\n class, which would be deserialized on a server, could\n use this flaw to write arbitrary content to any location\n on the server that is permitted by the user running the\n application server process. (CVE-2013-2186)", "edition": 17, "published": "2013-11-13T00:00:00", "title": "SuSE 11.2 / 11.3 Security Update : jakarta-commons-fileupload (SAT Patch Numbers 8445 / 8446)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2186"], "modified": "2013-11-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:jakarta-commons-fileupload", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:jakarta-commons-fileupload-javadoc"], "id": "SUSE_11_JAKARTA-COMMONS-FILEUPLOAD-131017.NASL", "href": "https://www.tenable.com/plugins/nessus/70872", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70872);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2186\");\n\n script_name(english:\"SuSE 11.2 / 11.3 Security Update : jakarta-commons-fileupload (SAT Patch Numbers 8445 / 8446)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"jakarta-commons-fileupload received a security fix :\n\n - A poison null byte flaw was found in the implementation\n of the DiskFileItem class. A remote attacker could able\n to supply a serialized instance of the DiskFileItem\n class, which would be deserialized on a server, could\n use this flaw to write arbitrary content to any location\n on the server that is permitted by the user running the\n application server process. (CVE-2013-2186)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=846174\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2186.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 8445 / 8446 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:jakarta-commons-fileupload\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:jakarta-commons-fileupload-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"jakarta-commons-fileupload-1.1.1-1.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"jakarta-commons-fileupload-javadoc-1.1.1-1.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"jakarta-commons-fileupload-1.1.1-1.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"jakarta-commons-fileupload-javadoc-1.1.1-1.35.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:26:56", "description": "&#9;A remote attacker could supply a serialized instance of the\nDiskFileItem class, which would be deserialized on a server and write\narbitrary content to any location on the server that is permitted by\nthe user running the application server process.\nbnc#846174/CVE-2013-2186", "edition": 19, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : jakarta-commons-fileupload (openSUSE-SU-2013:1571-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2186"], "modified": "2014-06-13T00:00:00", "cpe": ["cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:jakarta-commons-fileupload", "p-cpe:/a:novell:opensuse:jakarta-commons-fileupload-javadoc", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2013-786.NASL", "href": "https://www.tenable.com/plugins/nessus/75174", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-786.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75174);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2186\");\n script_bugtraq_id(63174);\n script_xref(name:\"TRA\", value:\"TRA-2016-23\");\n\n script_name(english:\"openSUSE Security Update : jakarta-commons-fileupload (openSUSE-SU-2013:1571-1)\");\n script_summary(english:\"Check for the openSUSE-2013-786 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"&#9;A remote attacker could supply a serialized instance of the\nDiskFileItem class, which would be deserialized on a server and write\narbitrary content to any location on the server that is permitted by\nthe user running the application server process.\nbnc#846174/CVE-2013-2186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=846174\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-10/msg00033.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2016-23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-fileupload packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-fileupload\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-fileupload-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"jakarta-commons-fileupload-1.1.1-112.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"jakarta-commons-fileupload-javadoc-1.1.1-112.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"jakarta-commons-fileupload-1.1.1-114.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"jakarta-commons-fileupload-javadoc-1.1.1-114.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-fileupload / jakarta-commons-fileupload-javadoc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-10-18T15:25:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3666", "CVE-2014-3680", "CVE-2014-3667", "CVE-2014-1869", "CVE-2014-3661", "CVE-2014-3681", "CVE-2013-2186", "CVE-2014-3663", "CVE-2014-3664", "CVE-2014-3662"], "description": "This host is installed with\n Jenkins and is prone to multiple vulnerabilities.", "modified": "2019-10-17T00:00:00", "published": "2016-08-05T00:00:00", "id": "OPENVAS:1361412562310808268", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808268", "type": "openvas", "title": "Jenkins Multiple Vulnerabilities - Oct14 (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Jenkins Multiple Vulnerabilities - Oct14 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:jenkins:jenkins\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808268\");\n script_version(\"2019-10-17T11:27:19+0000\");\n script_cve_id(\"CVE-2014-3661\", \"CVE-2014-3662\", \"CVE-2014-3663\", \"CVE-2014-3664\", \"CVE-2014-3680\",\n \"CVE-2014-3681\", \"CVE-2014-3666\", \"CVE-2014-3667\", \"CVE-2013-2186\", \"CVE-2014-1869\");\n script_bugtraq_id(77953, 77963, 88193, 77977, 77955, 77961);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-10-17 11:27:19 +0000 (Thu, 17 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-08-05 09:47:29 +0530 (Fri, 05 Aug 2016)\");\n\n script_name(\"Jenkins Multiple Vulnerabilities - Oct14 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with\n Jenkins and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Jenkins does not properly prevent downloading of plugins.\n\n - Insufficient sanitization of packets over the CLI channel.\n\n - Password exposure in DOM.\n\n - Error in job configuration permission.\n\n - Thread exhaustion via vectors related to a CLI handshake.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to obtain sensitive information, to bypass bypass intended access\n restrictions and execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Jenkins main line 1.582 and prior, Jenkins LTS 1.565.2 and prior.\");\n\n script_tag(name:\"solution\", value:\"Jenkins main line users should update to 1.583,\n Jenkins LTS users should update to 1.565.3.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_xref(name:\"URL\", value:\"https://jenkins.io/security/advisory/2014-10-01/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_jenkins_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jenkins/detected\", \"Host/runs_unixoide\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit(0);\n\nif( ! infos = get_app_full( cpe:CPE, port:port ) )\n exit(0);\n\nif( ! version = infos[\"version\"])\n exit(0);\n\nlocation = infos[\"location\"];\nproto = infos[\"proto\"];\n\nif( get_kb_item( \"jenkins/\" + port + \"/is_lts\" ) ) {\n if( version_is_less( version:version, test_version:\"1.565.3\" ) ) {\n vuln = TRUE;\n fix = \"1.565.3\";\n }\n} else {\n if( version_is_less( version:version, test_version:\"1.583\" ) ) {\n vuln = TRUE;\n fix = \"1.583\";\n }\n}\n\nif( vuln ) {\n report = report_fixed_ver( installed_version:version, fixed_version:fix, install_path:location );\n security_message( port:port, data:report, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-18T15:26:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3666", "CVE-2014-3680", "CVE-2014-3667", "CVE-2014-1869", "CVE-2014-3661", "CVE-2014-3681", "CVE-2013-2186", "CVE-2014-3663", "CVE-2014-3664", "CVE-2014-3662"], "description": "This host is installed with\n Jenkins and is prone to multiple vulnerabilities.", "modified": "2019-10-17T00:00:00", "published": "2015-12-21T00:00:00", "id": "OPENVAS:1361412562310807013", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807013", "type": "openvas", "title": "Jenkins Multiple Vulnerabilities - Oct14 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Jenkins Multiple Vulnerabilities - Oct14 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:jenkins:jenkins\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807013\");\n script_version(\"2019-10-17T11:27:19+0000\");\n script_cve_id(\"CVE-2014-3661\", \"CVE-2014-3662\", \"CVE-2014-3663\", \"CVE-2014-3664\", \"CVE-2014-3680\",\n \"CVE-2014-3681\", \"CVE-2014-3666\", \"CVE-2014-3667\", \"CVE-2013-2186\", \"CVE-2014-1869\");\n script_bugtraq_id(77953, 77963, 88193, 77977, 77955, 77961);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-10-17 11:27:19 +0000 (Thu, 17 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-12-21 15:34:06 +0530 (Mon, 21 Dec 2015)\");\n\n script_name(\"Jenkins Multiple Vulnerabilities - Oct14 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with\n Jenkins and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Jenkins does not properly prevent downloading of plugins.\n\n - Insufficient sanitization of packets over the CLI channel.\n\n - Password exposure in DOM.\n\n - Error in job configuration permission.\n\n - Thread exhaustion via vectors related to a CLI handshake.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to obtain sensitive information, to bypass bypass intended access\n restrictions and execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Jenkins main line 1.582 and prior, Jenkins LTS 1.565.2 and prior.\");\n\n script_tag(name:\"solution\", value:\"Jenkins main line users should update to 1.583,\n Jenkins LTS users should update to 1.565.3.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_xref(name:\"URL\", value:\"https://jenkins.io/security/advisory/2014-10-01/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_jenkins_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jenkins/detected\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit(0);\n\nif( ! infos = get_app_full( cpe:CPE, port:port ) )\n exit(0);\n\nif( ! version = infos[\"version\"])\n exit(0);\n\nlocation = infos[\"location\"];\nproto = infos[\"proto\"];\n\nif( get_kb_item( \"jenkins/\" + port + \"/is_lts\" ) ) {\n if( version_is_less( version:version, test_version:\"1.565.3\" ) ) {\n vuln = TRUE;\n fix = \"1.565.3\";\n }\n} else {\n if( version_is_less( version:version, test_version:\"1.583\" ) ) {\n vuln = TRUE;\n fix = \"1.583\";\n }\n}\n\nif( vuln ) {\n report = report_fixed_ver( installed_version:version, fixed_version:fix, install_path:location );\n security_message( port:port, data:report, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:51:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2186"], "description": "It was discovered that Apache Commons FileUpload, a package to make it\neasy to add robust, high-performance, file upload capability to servlets\nand web applications, incorrectly handled file names with NULL bytes in\nserialized instances. A remote attacker able to supply a serialized\ninstance of the DiskFileItem class, which will be deserialized on a\nserver, could use this flaw to write arbitrary content to any location\non the server that is accessible to the user running the application\nserver process.", "modified": "2017-07-07T00:00:00", "published": "2013-12-24T00:00:00", "id": "OPENVAS:702827", "href": "http://plugins.openvas.org/nasl.php?oid=702827", "type": "openvas", "title": "Debian Security Advisory DSA 2827-1 (libcommons-fileupload-java - arbitrary file upload via deserialization)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2827.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2827-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"libcommons-fileupload-java on Debian Linux\";\ntag_insight = \"The Commons FileUpload package makes it easy to add robust, high-performance,\nfile upload capability to your servlets and web applications.\";\ntag_solution = \"For the oldstable distribution (squeeze), this problem has been fixed in\nversion 1.2.2-1+deb6u1.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.2.2-1+deb7u1.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.3-2.1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.3-2.1.\n\nWe recommend that you upgrade your libcommons-fileupload-java packages.\";\ntag_summary = \"It was discovered that Apache Commons FileUpload, a package to make it\neasy to add robust, high-performance, file upload capability to servlets\nand web applications, incorrectly handled file names with NULL bytes in\nserialized instances. A remote attacker able to supply a serialized\ninstance of the DiskFileItem class, which will be deserialized on a\nserver, could use this flaw to write arbitrary content to any location\non the server that is accessible to the user running the application\nserver process.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702827);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-2186\");\n script_name(\"Debian Security Advisory DSA 2827-1 (libcommons-fileupload-java - arbitrary file upload via deserialization)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-12-24 00:00:00 +0100 (Tue, 24 Dec 2013)\");\n script_tag(name: \"cvss_base\", value:\"7.5\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2827.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libcommons-fileupload-java\", ver:\"1.2.2-1+deb6u1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcommons-fileupload-java-doc\", ver:\"1.2.2-1+deb6u1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcommons-fileupload-java\", ver:\"1.2.2-1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcommons-fileupload-java-doc\", ver:\"1.2.2-1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-02-05T11:10:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2186"], "description": "Check for the Version of libcommons-fileupload-java", "modified": "2018-02-03T00:00:00", "published": "2013-11-18T00:00:00", "id": "OPENVAS:841621", "href": "http://plugins.openvas.org/nasl.php?oid=841621", "type": "openvas", "title": "Ubuntu Update for libcommons-fileupload-java USN-2029-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2029_1.nasl 8650 2018-02-03 12:16:59Z teissa $\n#\n# Ubuntu Update for libcommons-fileupload-java USN-2029-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841621);\n script_version(\"$Revision: 8650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-03 13:16:59 +0100 (Sat, 03 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-11-18 16:00:35 +0530 (Mon, 18 Nov 2013)\");\n script_cve_id(\"CVE-2013-2186\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for libcommons-fileupload-java USN-2029-1\");\n\n tag_insight = \"It was discovered that Apache Commons FileUpload incorrectly\nhandled file names with NULL bytes in serialized instances. An attacker could\nuse this issue to possibly write to arbitrary files.\";\n\n tag_affected = \"libcommons-fileupload-java on Ubuntu 10.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2029-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2029-1/\");\n script_tag(name: \"summary\" , value: \"Check for the Version of libcommons-fileupload-java\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcommons-fileupload-java\", ver:\"1.2.1-3ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2186"], "description": "It was discovered that Apache Commons FileUpload, a package to make it\neasy to add robust, high-performance, file upload capability to servlets\nand web applications, incorrectly handled file names with NULL bytes in\nserialized instances. A remote attacker able to supply a serialized\ninstance of the DiskFileItem class, which will be deserialized on a\nserver, could use this flaw to write arbitrary content to any location\non the server that is accessible to the user running the application\nserver process.", "modified": "2019-03-18T00:00:00", "published": "2013-12-24T00:00:00", "id": "OPENVAS:1361412562310702827", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702827", "type": "openvas", "title": "Debian Security Advisory DSA 2827-1 (libcommons-fileupload-java - arbitrary file upload via deserialization)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2827.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2827-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702827\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2013-2186\");\n script_name(\"Debian Security Advisory DSA 2827-1 (libcommons-fileupload-java - arbitrary file upload via deserialization)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-24 00:00:00 +0100 (Tue, 24 Dec 2013)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2827.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"libcommons-fileupload-java on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (squeeze), this problem has been fixed in\nversion 1.2.2-1+deb6u1.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.2.2-1+deb7u1.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.3-2.1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.3-2.1.\n\nWe recommend that you upgrade your libcommons-fileupload-java packages.\");\n script_tag(name:\"summary\", value:\"It was discovered that Apache Commons FileUpload, a package to make it\neasy to add robust, high-performance, file upload capability to servlets\nand web applications, incorrectly handled file names with NULL bytes in\nserialized instances. A remote attacker able to supply a serialized\ninstance of the DiskFileItem class, which will be deserialized on a\nserver, could use this flaw to write arbitrary content to any location\non the server that is accessible to the user running the application\nserver process.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libcommons-fileupload-java\", ver:\"1.2.2-1+deb6u1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcommons-fileupload-java-doc\", ver:\"1.2.2-1+deb6u1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcommons-fileupload-java\", ver:\"1.2.2-1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcommons-fileupload-java-doc\", ver:\"1.2.2-1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2186"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-11-18T00:00:00", "id": "OPENVAS:1361412562310841621", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841621", "type": "openvas", "title": "Ubuntu Update for libcommons-fileupload-java USN-2029-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2029_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for libcommons-fileupload-java USN-2029-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841621\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-11-18 16:00:35 +0530 (Mon, 18 Nov 2013)\");\n script_cve_id(\"CVE-2013-2186\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for libcommons-fileupload-java USN-2029-1\");\n\n script_tag(name:\"affected\", value:\"libcommons-fileupload-java on Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"It was discovered that Apache Commons FileUpload incorrectly\nhandled file names with NULL bytes in serialized instances. An attacker could\nuse this issue to possibly write to arbitrary files.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2029-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2029-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libcommons-fileupload-java'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcommons-fileupload-java\", ver:\"1.2.1-3ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2020-12-09T19:58:24", "description": "Directory traversal vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Overall/READ permission to read arbitrary files via unspecified vectors.", "edition": 5, "cvss3": {}, "published": "2014-10-15T14:55:00", "title": "CVE-2014-3664", "type": "cve", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3664"], "modified": "2017-08-29T01:34:00", "cpe": ["cpe:/a:redhat:openshift:3.1", "cpe:/a:jenkins:jenkins:1.582", "cpe:/a:jenkins:jenkins:1.565.2"], "id": "CVE-2014-3664", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3664", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:jenkins:1.582:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*", "cpe:2.3:a:jenkins:jenkins:1.565.2:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T19:58:24", "description": "Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent downloading of plugins, which allows remote authenticated users with the Overall/READ permission to obtain sensitive information by reading the plugin code.", "edition": 5, "cvss3": {}, "published": "2014-10-16T19:55:00", "title": "CVE-2014-3667", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3667"], "modified": "2016-06-15T14:34:00", "cpe": ["cpe:/a:redhat:openshift:3.1", "cpe:/a:jenkins:jenkins:1.582", "cpe:/a:jenkins:jenkins:1.565.2"], "id": "CVE-2014-3667", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3667", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:jenkins:1.582:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*", "cpe:2.3:a:jenkins:jenkins:1.565.2:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T19:58:24", "description": "Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.", "edition": 5, "cvss3": {}, "published": "2014-10-16T19:55:00", "title": "CVE-2014-3662", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3662"], "modified": "2016-06-14T18:48:00", "cpe": ["cpe:/a:redhat:openshift:3.1", "cpe:/a:jenkins:jenkins:1.582", "cpe:/a:jenkins:jenkins:1.565.2"], "id": "CVE-2014-3662", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3662", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:jenkins:1.582:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*", "cpe:2.3:a:jenkins:jenkins:1.565.2:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T19:58:24", "description": "The Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to obtain sensitive information by accessing unspecified pages.", "edition": 5, "cvss3": {}, "published": "2014-10-16T19:55:00", "title": "CVE-2014-3679", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3679"], "modified": "2016-07-15T15:01:00", "cpe": ["cpe:/a:jenkins-ci:monitoring_plugin:1.45.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.47.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.46.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.52.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.44.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.51.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.43.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.49.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.41.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.50.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.40.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.52.1", "cpe:/a:jenkins-ci:monitoring_plugin:1.42.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.48.0"], "id": "CVE-2014-3679", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3679", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins-ci:monitoring_plugin:1.42.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.41.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.47.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.52.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.44.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.49.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.50.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.46.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.51.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.43.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.48.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.40.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.45.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.52.1:*:*:*:*:cloudbees_jenkins:*:*"]}, {"lastseen": "2020-12-09T19:58:24", "description": "Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel.", "edition": 5, "cvss3": {}, "published": "2014-10-16T19:55:00", "title": "CVE-2014-3666", "type": "cve", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3666"], "modified": "2016-06-15T14:33:00", "cpe": ["cpe:/a:redhat:openshift:3.1", "cpe:/a:jenkins:jenkins:1.582", "cpe:/a:jenkins:jenkins:1.565.2"], "id": "CVE-2014-3666", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3666", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:jenkins:1.582:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*", "cpe:2.3:a:jenkins:jenkins:1.565.2:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T19:58:24", "description": "Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to cause a denial of service (thread consumption) via vectors related to a CLI handshake.", "edition": 5, "cvss3": {}, "published": "2014-10-16T19:55:00", "title": "CVE-2014-3661", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3661"], "modified": "2016-06-13T23:45:00", "cpe": ["cpe:/a:redhat:openshift:3.1", "cpe:/a:jenkins:jenkins:1.582", "cpe:/a:jenkins:jenkins:1.565.2"], "id": "CVE-2014-3661", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3661", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:jenkins:1.582:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*", "cpe:2.3:a:jenkins:jenkins:1.565.2:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T19:58:24", "description": "Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/READ permission to obtain the default value for the password field of a parameterized job by reading the DOM.", "edition": 5, "cvss3": {}, "published": "2014-10-16T19:55:00", "title": "CVE-2014-3680", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3680"], "modified": "2016-06-15T14:34:00", "cpe": ["cpe:/a:redhat:openshift:3.1", "cpe:/a:jenkins:jenkins:1.582", "cpe:/a:jenkins:jenkins:1.565.2"], "id": "CVE-2014-3680", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3680", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jenkins:jenkins:1.582:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*", "cpe:2.3:a:jenkins:jenkins:1.565.2:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T19:58:24", "description": "Cross-site scripting (XSS) vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", "edition": 5, "cvss3": {}, "published": "2014-10-10T14:55:00", "title": "CVE-2014-3678", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3678"], "modified": "2016-07-15T15:01:00", "cpe": ["cpe:/a:jenkins-ci:monitoring_plugin:1.45.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.47.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.46.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.52.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.44.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.51.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.43.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.49.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.41.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.50.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.40.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.52.1", "cpe:/a:jenkins-ci:monitoring_plugin:1.42.0", "cpe:/a:jenkins-ci:monitoring_plugin:1.48.0"], "id": "CVE-2014-3678", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3678", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:jenkins-ci:monitoring_plugin:1.42.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.41.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.47.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.52.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.44.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.49.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.50.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.46.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.51.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.43.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.48.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.40.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.45.0:*:*:*:*:cloudbees_jenkins:*:*", "cpe:2.3:a:jenkins-ci:monitoring_plugin:1.52.1:*:*:*:*:cloudbees_jenkins:*:*"]}, {"lastseen": "2020-12-09T19:58:24", "description": "Cross-site scripting (XSS) vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", "edition": 6, "cvss3": {}, "published": "2014-10-15T14:55:00", "title": "CVE-2014-3681", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3681"], "modified": "2018-12-18T14:30:00", "cpe": ["cpe:/a:redhat:openshift:3.1"], "id": "CVE-2014-3681", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3681", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*"]}, {"lastseen": "2020-12-09T19:58:24", "description": "Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/CONFIGURE permission to bypass intended restrictions and create or destroy arbitrary jobs via unspecified vectors.", "edition": 5, "cvss3": {}, "published": "2014-10-16T19:55:00", "title": "CVE-2014-3663", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3663"], "modified": "2016-06-15T13:36:00", "cpe": ["cpe:/a:redhat:openshift:3.1", "cpe:/a:jenkins:jenkins:1.582", "cpe:/a:jenkins:jenkins:1.565.2"], "id": "CVE-2014-3663", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3663", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:jenkins:jenkins:1.582:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*", "cpe:2.3:a:jenkins:jenkins:1.565.2:*:*:*:lts:*:*:*"]}], "f5": [{"lastseen": "2017-07-24T18:23:31", "bulletinFamily": "software", "cvelist": ["CVE-2013-2186"], "edition": 1, "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable*| None \nBIG-IP AAM| None| 12.0.0 \n11.4.0 - 11.6.0| Not vulnerable*| None \nBIG-IP AFM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable*| None \nBIG-IP Analytics| None| 12.0.0 \n11.0.0 - 11.6.0| Not vulnerable*| None \nBIG-IP APM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable*| None \nBIG-IP ASM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable*| None \nBIG-IP DNS| None| 12.0.0| Not vulnerable*****| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable*| None \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable*| None \nBIG-IP Link Controller| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable*| None \nBIG-IP PEM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable*| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| Not vulnerable*| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable*| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable*| None \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable*| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None \n \n*****F5 Product Development has determined that the BIG-IP and Enterprise Manager versions ship the vulnerable software component. However, these products do not implement the software component in a way that exposes this issue.\n\nNone\n\n * K9970: Subscribing to email notifications regarding F5 products\n * K9957: Creating a custom RSS feed to view new and updated documents\n * K4602: Overview of the F5 security vulnerability response policy\n * K4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2017-07-24T17:30:00", "published": "2016-01-21T21:28:00", "id": "F5:K63443590", "href": "https://support.f5.com/csp/article/K63443590", "title": " Apache Commons FileUpload vulnerability CVE-2013-2186", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:24", "bulletinFamily": "software", "cvelist": ["CVE-2013-2186"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2016-01-21T00:00:00", "published": "2016-01-21T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/63/sol63443590.html", "id": "SOL63443590", "title": "SOL63443590 - Apache Commons FileUpload vulnerability CVE-2013-2186", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-06T22:40:53", "bulletinFamily": "software", "cvelist": ["CVE-2013-2185", "CVE-2013-2186"], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2020-01-30T06:25:00", "published": "2020-01-30T06:25:00", "id": "F5:K48758740", "href": "https://support.f5.com/csp/article/K48758740", "title": "Apache Tomcat vulnerability CVE-2013-2185", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2186", "CVE-2014-1869", "CVE-2014-3661", "CVE-2014-3662", "CVE-2014-3663", "CVE-2014-3664", "CVE-2014-3666", "CVE-2014-3667", "CVE-2014-3680", "CVE-2014-3681", "CVE-2015-1806", "CVE-2015-1807", "CVE-2015-1808", "CVE-2015-1810", "CVE-2015-1812", "CVE-2015-1813", "CVE-2015-1814", "CVE-2015-5317", "CVE-2015-5318", "CVE-2015-5319", "CVE-2015-5320", "CVE-2015-5321", "CVE-2015-5322", "CVE-2015-5323", "CVE-2015-5324", "CVE-2015-5325", "CVE-2015-5326", "CVE-2015-7537", "CVE-2015-7538", "CVE-2015-7539", "CVE-2015-8103", "CVE-2016-1905", "CVE-2016-1906"], "description": "OpenShift Enterprise by Red Hat is the company's cloud computing \nPlatform-as-a-Service (PaaS) solution designed for on-premise or \nprivate cloud deployments.\n\nThe following security issues are addressed with this release:\n\nAn authorization flaw was discovered in Kubernetes; the API server \ndid not properly check user permissions when handling certain \nrequests. An authenticated remote attacker could use this flaw to \ngain additional access to resources such as RAM and disk space. \n(CVE-2016-1905)\n\nAn authorization flaw was discovered in Kubernetes; the API server \ndid not properly check user permissions when handling certain build-\nconfiguration strategies. A remote attacker could create build \nconfigurations with strategies that violate policy. Although the \nattacker could not launch the build themselves (launch fails when \nthe policy is violated), if the build configuration files were later \nlaunched by other privileged services (such as automated triggers), \nuser privileges could be bypassed allowing attacker escalation. \n(CVE-2016-1906)\n\nAn update for Jenkins Continuous Integration Server that addresses a \nlarge number of security issues including XSS, CSRF, information \ndisclosure and code execution have been addressed as well. \n(CVE-2013-2186, CVE-2014-1869, CVE-2014-3661, CVE-2014-3662\nCVE-2014-3663, CVE-2014-3664, CVE-2014-3666, CVE-2014-3667\nCVE-2014-3680, CVE-2014-3681, CVE-2015-1806, CVE-2015-1807\nCVE-2015-1808, CVE-2015-1810, CVE-2015-1812, CVE-2015-1813\nCVE-2015-1814, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319\nCVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323\nCVE-2015-5324, CVE-2015-5325, CVE-2015-5326 ,CVE-2015-7537\nCVE-2015-7538, CVE-2015-7539, CVE-2015-8103)\n\nSpace precludes documenting all of the bug fixes and enhancements in \nthis advisory. See the OpenShift Enterprise 3.1 Release Notes, which \nwill be updated shortly for release 3.1.1, for details about these \nchanges:\n\nhttps://docs.openshift.com/enterprise/3.1/release_notes/ose_3_1_release_notes.html\n\nAll OpenShift Enterprise 3 users are advised to upgrade to these \nupdated packages.", "modified": "2016-01-27T00:08:42", "published": "2016-01-27T00:01:15", "id": "RHSA-2016:0070", "href": "https://access.redhat.com/errata/RHSA-2016:0070", "type": "redhat", "title": "(RHSA-2016:0070) Important: Red Hat OpenShift Enterprise 3.1.1 bug fix and enhancement update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T14:34:08", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2186"], "description": "The Apache Commons FileUpload component can be used to add a file upload\ncapability to your applications.\n\nA flaw was found in the way the DiskFileItem class handled NULL characters\nin file names. A remote attacker able to supply a serialized instance of\nthe DiskFileItem class, which will be deserialized on a server, could use\nthis flaw to write arbitrary content to any location on the server that is\naccessible to the user running the application server process.\n(CVE-2013-2186)\n\nAll users of Red Hat JBoss Web Server 1.0.2 as provided from the Red Hat\nCustomer Portal are advised to apply this update.", "modified": "2019-02-20T17:12:15", "published": "2013-10-15T22:30:11", "id": "RHSA-2013:1429", "href": "https://access.redhat.com/errata/RHSA-2013:1429", "type": "redhat", "title": "(RHSA-2013:1429) Important: jakarta-commons-fileupload security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:18", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2186"], "description": "The Apache Commons FileUpload component can be used to add a file upload\ncapability to your applications.\n\nA flaw was found in the way the DiskFileItem class handled NULL characters\nin file names. A remote attacker able to supply a serialized instance of\nthe DiskFileItem class, which will be deserialized on a server, could use\nthis flaw to write arbitrary content to any location on the server that is\naccessible to the user running the application server process.\n(CVE-2013-2186)\n\nWarning: Before applying the update, back up your existing Red Hat\nJBoss Enterprise Web Server installation (including all applications and\nconfiguration files).\n\nAll users of Red Hat JBoss Web Server 1.0.2 on Red Hat Enterprise Linux\n5 and 6 are advised to upgrade to this updated package. The JBoss server\nprocess must be restarted for the update to take effect.\n", "modified": "2018-06-07T02:42:41", "published": "2013-10-15T04:00:00", "id": "RHSA-2013:1428", "href": "https://access.redhat.com/errata/RHSA-2013:1428", "type": "redhat", "title": "(RHSA-2013:1428) Important: jakarta-commons-fileupload security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T14:34:14", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2186"], "description": "The Apache Commons FileUpload component can be used to add a file upload\ncapability to your applications.\n\nA flaw was found in the way the DiskFileItem class handled NULL characters\nin file names. A remote attacker able to supply a serialized instance of\nthe DiskFileItem class, which will be deserialized on a server, could use\nthis flaw to write arbitrary content to any location on the server that is\naccessible to the user running the application server process.\n(CVE-2013-2186)\n\nAll users of the affected products as provided from the Red Hat Customer\nPortal are advised to apply this update.", "modified": "2019-02-20T17:12:18", "published": "2013-10-17T21:17:19", "id": "RHSA-2013:1442", "href": "https://access.redhat.com/errata/RHSA-2013:1442", "type": "redhat", "title": "(RHSA-2013:1442) Important: commons-fileupload security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T14:34:48", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2186", "CVE-2013-4210", "CVE-2013-4293", "CVE-2013-4373"], "description": "Red Hat JBoss Operations Network is a middleware management solution that\nprovides a single point of control to deploy, manage, and monitor JBoss\nEnterprise Middleware, applications, and services.\n\nA flaw was found in the way the DiskFileItem class handled NULL characters\nin file names. A remote attacker able to supply a serialized instance of\nthe DiskFileItem class, which will be deserialized on a server, could use\nthis flaw to write arbitrary content to any location on the server that is\naccessible to the user running the application server process.\n(CVE-2013-2186)\n\nA denial of service flaw was found in the implementation of the\norg.jboss.remoting.transport.socket.ServerThread class in JBoss\nRemoting. An attacker could use this flaw to exhaust all available file\ndescriptors on the target server, preventing legitimate connections. Note\nthat to exploit this flaw remotely, the remoting port must be exposed\ndirectly or indirectly (for example, deploying a public facing application\nthat uses JBoss Remoting could indirectly expose this flaw).\n(CVE-2013-4210)\n\nIt was found that the JBoss Operations Network server exposed configured\npasswords in plain text in its log files by default. A local user with\naccess to these log files could use the exposed credentials.\n(CVE-2013-4293)\n\nA flaw was found in the way JPADriftServerBean instances stored drift\nfiles. The storeFiles method created a predictable temporary directory when\nunpacking a zip file. Once a zip file was extracted to the temporary\ndirectory, all files in this directory were stored. A local attacker could\nprovide their own drift files to be imported into the server instance.\n(CVE-2013-4373)\n\nThe CVE-2013-4293 was discovered by Larry O'Leary of the Red Hat Middleware\nSupport Engineering Group, and CVE-2013-4210 was discovered by James\nLivingston of the Red Hat Support Engineering Group.\n\nAll users of JBoss Operations Network 3.1.2 as provided from the Red Hat\nCustomer Portal are advised to apply this update.", "modified": "2019-02-05T04:11:13", "published": "2013-10-21T21:22:10", "id": "RHSA-2013:1448", "href": "https://access.redhat.com/errata/RHSA-2013:1448", "type": "redhat", "title": "(RHSA-2013:1448) Important: Red Hat JBoss Operations Network 3.1.2 update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:50", "bulletinFamily": "software", "cvelist": ["CVE-2013-2186"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2029-1\r\nNovember 13, 2013\r\n\r\nlibcommons-fileupload-java vulnerability\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nApache Commons FileUpload could be made to overwrite files.\r\n\r\nSoftware Description:\r\n- libcommons-fileupload-java: File upload capability for servlets and web\r\napplications\r\n\r\nDetails:\r\n\r\nIt was discovered that Apache Commons FileUpload incorrectly handled file\r\nnames with NULL bytes in serialized instances. An attacker could use this\r\nissue to possibly write to arbitrary files.\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 10.04 LTS:\r\n libcommons-fileupload-java 1.2.1-3ubuntu2.1\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2029-1\r\n CVE-2013-2186\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/libcommons-fileupload-java/1.2.1-3ubuntu2.1\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "edition": 1, "modified": "2013-12-09T00:00:00", "published": "2013-12-09T00:00:00", "id": "SECURITYVULNS:DOC:30086", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30086", "title": "[USN-2029-1] Apache Commons FileUpload vulnerability", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:53", "bulletinFamily": "software", "cvelist": ["CVE-2013-6163", "CVE-2013-6175", "CVE-2013-6168", "CVE-2013-6174", "CVE-2013-6226", "CVE-2013-6385", "CVE-2013-0316", "CVE-2013-6176", "CVE-2013-6787", "CVE-2013-6388", "CVE-2013-6364", "CVE-2013-1349", "CVE-2013-2172", "CVE-2013-6341", "CVE-2013-1733", "CVE-2013-1742", "CVE-2013-6058", "CVE-2013-6386", "CVE-2013-6389", "CVE-2013-6267", "CVE-2013-5695", "CVE-2013-1743", "CVE-2013-1734", "CVE-2013-6365", "CVE-2013-5984", "CVE-2013-7002", "CVE-2013-6342", "CVE-2013-2186", "CVE-2013-5694", "CVE-2013-6173", "CVE-2013-6164", "CVE-2013-6227", "CVE-2013-6242", "CVE-2013-6275", "CVE-2013-4365", "CVE-2013-6804", "CVE-2013-6177", "CVE-2013-6387"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "modified": "2013-12-09T00:00:00", "published": "2013-12-09T00:00:00", "id": "SECURITYVULNS:VULN:13441", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13441", "title": "Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;", "type": "securityvulns", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:58", "bulletinFamily": "software", "cvelist": ["CVE-2015-0388", "CVE-2014-6574", "CVE-2015-0390", "CVE-2014-6592", "CVE-2014-3566", "CVE-2011-4461", "CVE-2015-0386", "CVE-2015-0425", "CVE-2014-6566", "CVE-2013-4784", "CVE-2014-0191", "CVE-2015-0365", "CVE-2014-6579", "CVE-2014-6556", "CVE-2014-6571", "CVE-2015-0427", "CVE-2014-6578", "CVE-2015-0398", "CVE-2014-6510", "CVE-2014-6595", "CVE-2011-3607", "CVE-2014-6518", "CVE-2015-0385", "CVE-2015-0395", "CVE-2015-0368", "CVE-2014-6575", "CVE-2015-0380", "CVE-2015-0424", "CVE-2003-0001", "CVE-2014-6565", "CVE-2015-0407", "CVE-2015-0362", "CVE-2015-0430", "CVE-2014-6585", "CVE-2015-0410", "CVE-2013-5704", "CVE-2015-0402", "CVE-2015-0379", "CVE-2014-6548", "CVE-2015-0396", "CVE-2015-0422", "CVE-2015-0435", "CVE-2014-6584", "CVE-2014-0224", "CVE-2014-4259", "CVE-2015-0391", "CVE-2014-6567", "CVE-2015-0418", "CVE-2013-0338", "CVE-2014-6480", "CVE-2014-6576", "CVE-2015-0428", "CVE-2015-0431", "CVE-2014-0098", "CVE-2014-6549", "CVE-2015-0420", "CVE-2015-0432", "CVE-2015-0383", "CVE-2011-3389", "CVE-2013-1741", "CVE-2014-6583", "CVE-2014-6597", "CVE-2014-4279", "CVE-2004-0230", "CVE-2015-0369", "CVE-2014-6525", "CVE-2015-0372", "CVE-2014-6582", "CVE-2015-0378", "CVE-2015-0392", "CVE-2015-0416", "CVE-2014-6587", "CVE-2013-6438", "CVE-2015-0406", "CVE-2015-0401", "CVE-2014-6569", "CVE-2014-6599", "CVE-2013-2877", "CVE-2015-0417", "CVE-2015-0404", "CVE-2013-6450", "CVE-2014-0114", "CVE-2015-0364", "CVE-2010-5107", "CVE-2011-3368", "CVE-2014-6573", "CVE-2013-4286", "CVE-2015-0371", "CVE-2014-6526", "CVE-2015-0382", "CVE-2014-1568", "CVE-2015-0363", "CVE-2014-6600", "CVE-2014-6580", "CVE-2014-6509", "CVE-2015-0375", "CVE-2015-0414", "CVE-2015-0413", "CVE-2014-6593", "CVE-2014-6601", "CVE-2014-6594", "CVE-2015-0373", "CVE-2015-0421", "CVE-2013-2186", "CVE-2014-3567", "CVE-2014-6581", "CVE-2015-0403", "CVE-2014-6570", "CVE-2015-0408", "CVE-2015-0429", "CVE-2014-6596", "CVE-2014-6521", "CVE-2015-0374", "CVE-2014-6591", "CVE-2014-6586", "CVE-2014-6524", "CVE-2014-6572", "CVE-2015-0370", "CVE-2015-0412", "CVE-2015-0400", "CVE-2015-0409", "CVE-2015-0387", "CVE-2015-0389", "CVE-2015-0399", "CVE-2015-0415", "CVE-2014-6590", "CVE-2015-0376", "CVE-2014-6481", "CVE-2015-0393", "CVE-2015-0366", "CVE-2015-0419", "CVE-2014-6568", "CVE-2015-0377", "CVE-2015-0394", "CVE-2015-0397", "CVE-2015-0384", "CVE-2014-6589", "CVE-2014-6528", "CVE-2014-6588", "CVE-2014-6541", "CVE-2011-1944", "CVE-2015-0437", "CVE-2014-6514", "CVE-2014-4212", "CVE-2015-0436", "CVE-2014-6598", "CVE-2015-0367", "CVE-2014-0226", "CVE-2013-1620", "CVE-2013-4545", "CVE-2015-0426", "CVE-2015-0434", "CVE-2015-0411", "CVE-2015-0381", "CVE-2014-6577"], "description": "Over 150 vulnerabilities in different applications are closed in auqrterly update.", "edition": 1, "modified": "2015-01-25T00:00:00", "published": "2015-01-25T00:00:00", "id": "SECURITYVULNS:VULN:14233", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14233", "title": "Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:01", "bulletinFamily": "software", "cvelist": ["CVE-2015-1926", "CVE-2015-4000", "CVE-2015-2591", "CVE-2015-0443", "CVE-2015-1803", "CVE-2015-4771", "CVE-2015-2627", "CVE-2015-2615", "CVE-2014-3566", "CVE-2015-4764", "CVE-2015-4774", "CVE-2015-2601", "CVE-2015-4738", "CVE-2015-0235", "CVE-2015-4729", "CVE-2015-4751", "CVE-2015-0444", "CVE-2015-0445", "CVE-2015-4749", "CVE-2015-4758", "CVE-2014-7809", "CVE-2015-2643", "CVE-2015-4770", "CVE-2015-4747", "CVE-2015-2661", "CVE-2015-4778", "CVE-2015-2632", "CVE-2015-2625", "CVE-2015-2617", "CVE-2015-4784", "CVE-2015-2664", "CVE-2015-2605", "CVE-2015-2597", "CVE-2015-4785", "CVE-2015-4732", "CVE-2015-2653", "CVE-2014-0227", "CVE-2015-2595", "CVE-2015-4782", "CVE-2015-0286", "CVE-2015-2648", "CVE-2015-2657", "CVE-2014-0230", "CVE-2015-4789", "CVE-2015-0447", "CVE-2015-2581", "CVE-2015-2613", "CVE-2015-2658", "CVE-2014-3571", "CVE-2015-4736", "CVE-2015-2599", "CVE-2013-2251", "CVE-2013-5704", "CVE-2015-4739", "CVE-2015-4790", "CVE-2015-2589", "CVE-2010-1324", "CVE-2015-2623", "CVE-2015-2631", "CVE-2015-2596", "CVE-2015-4763", "CVE-2015-4783", "CVE-2015-2620", "CVE-2015-2650", "CVE-2015-0448", "CVE-2015-2654", "CVE-2015-2607", "CVE-2015-2639", "CVE-2015-2611", "CVE-2015-2645", "CVE-2015-2634", "CVE-2015-2594", "CVE-2015-3456", "CVE-2015-2584", "CVE-2015-2808", "CVE-2014-3570", "CVE-2015-2590", "CVE-2015-2656", "CVE-2015-2626", "CVE-2015-2628", "CVE-2015-4768", "CVE-2015-4761", "CVE-2015-4745", "CVE-2015-4750", "CVE-2015-2635", "CVE-2015-4756", "CVE-2015-2647", "CVE-2015-2600", "CVE-2015-2580", "CVE-2015-3152", "CVE-2015-2640", "CVE-2015-4733", "CVE-2015-2646", "CVE-2014-1568", "CVE-2015-2651", "CVE-2015-2603", "CVE-2015-2633", "CVE-2015-4765", "CVE-2015-2660", "CVE-2015-2604", "CVE-2015-0255", "CVE-2015-4772", "CVE-2015-2662", "CVE-2015-4735", "CVE-2015-4779", "CVE-2015-2585", "CVE-2013-2186", "CVE-2014-3567", "CVE-2015-2614", "CVE-2015-4766", "CVE-2015-4737", "CVE-2015-4776", "CVE-2015-4757", "CVE-2015-4728", "CVE-2015-2637", "CVE-2015-2606", "CVE-2015-4769", "CVE-2015-2621", "CVE-2015-4786", "CVE-2015-4787", "CVE-2015-2638", "CVE-2015-4740", "CVE-2015-2619", "CVE-2015-4731", "CVE-2015-4727", "CVE-2015-4741", "CVE-2015-2636", "CVE-2015-2659", "CVE-2015-2655", "CVE-2015-4775", "CVE-2015-4773", "CVE-2014-8102", "CVE-2015-4746", "CVE-2015-2629", "CVE-2015-4788", "CVE-2015-4755", "CVE-2015-2602", "CVE-2015-4748", "CVE-2015-2622", "CVE-2015-2610", "CVE-2012-0036", "CVE-2015-2663", "CVE-2015-4742", "CVE-2015-2652", "CVE-2015-4759", "CVE-2015-0446", "CVE-2015-2582", "CVE-2015-4780", "CVE-2014-1569", "CVE-2015-4781", "CVE-2015-2618", "CVE-2015-2641", "CVE-2015-2593", "CVE-2015-4744", "CVE-2015-2598", "CVE-2015-2587", "CVE-2015-2630", "CVE-2015-2592", "CVE-2015-4767", "CVE-2015-2616", "CVE-2015-2624", "CVE-2015-2609", "CVE-2015-4777", "CVE-2015-4754", "CVE-2015-2588", "CVE-2015-4760", "CVE-2015-2583", "CVE-2015-4743", "CVE-2015-4752", "CVE-2015-2586", "CVE-2015-4753", "CVE-2015-2649", "CVE-2015-2612", "CVE-2015-2644"], "description": "Quarterly CPU fixed over 170 different vulnerabilities.", "edition": 1, "modified": "2015-07-20T00:00:00", "published": "2015-07-20T00:00:00", "id": "SECURITYVULNS:VULN:14601", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14601", "title": "Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:13:40", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2186"], "description": "jakarta-commons-fileupload received a security fix:\n\n * A poison null byte flaw was found in the\n implementation of the DiskFileItem class. A remote attacker\n could able to supply a serialized instance of the\n DiskFileItem class, which would be deserialized on a\n server, could use this flaw to write arbitrary content to\n any location on the server that is permitted by the user\n running the application server process. (CVE-2013-2186)\n", "edition": 1, "modified": "2013-11-12T19:04:18", "published": "2013-11-12T19:04:18", "id": "SUSE-SU-2013:1660-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00008.html", "type": "suse", "title": "Security update for jakarta-commons-fileupload (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2186"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2827-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nDecember 24, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libcommons-fileupload-java\nVulnerability : arbitrary file upload via deserialization\nProblem type : local (remote)\nDebian-specific: no\nCVE ID : CVE-2013-2186\nDebian Bug : 726601\n\nIt was discovered that Apache Commons FileUpload, a package to make it\neasy to add robust, high-performance, file upload capability to servlets\nand web applications, incorrectly handled file names with NULL bytes in\nserialized instances. A remote attacker able to supply a serialized\ninstance of the DiskFileItem class, which will be deserialized on a\nserver, could use this flaw to write arbitrary content to any location\non the server that is accessible to the user running the application\nserver process.\n\nFor the oldstable distribution (squeeze), this problem has been fixed in\nversion 1.2.2-1+deb6u1.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.2.2-1+deb7u1.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.3-2.1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.3-2.1.\n\nWe recommend that you upgrade your libcommons-fileupload-java packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 10, "modified": "2013-12-24T05:38:34", "published": "2013-12-24T05:38:34", "id": "DEBIAN:DSA-2827-1:2E9E3", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00241.html", "title": "[SECURITY] [DSA 2827-1] libcommons-fileupload-java security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-09T00:30:20", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2186"], "description": "It was discovered that Apache Commons FileUpload incorrectly handled file \nnames with NULL bytes in serialized instances. An attacker could use this \nissue to possibly write to arbitrary files.", "edition": 5, "modified": "2013-11-13T00:00:00", "published": "2013-11-13T00:00:00", "id": "USN-2029-1", "href": "https://ubuntu.com/security/notices/USN-2029-1", "title": "Apache Commons FileUpload vulnerability", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oracle": [{"lastseen": "2019-05-29T18:21:04", "bulletinFamily": "software", "cvelist": ["CVE-2015-0388", "CVE-2014-6574", "CVE-2015-0390", "CVE-2011-4317", "CVE-2014-6592", "CVE-2014-3566", "CVE-2011-4461", "CVE-2015-0386", "CVE-2015-0425", "CVE-2014-6566", "CVE-2013-4784", "CVE-2014-0191", "CVE-2015-0365", "CVE-2014-6579", "CVE-2014-6556", "CVE-2014-0231", "CVE-2014-6571", "CVE-2015-0427", "CVE-2014-6578", "CVE-2015-0398", "CVE-2014-6510", "CVE-2014-6595", "CVE-2011-3607", "CVE-2014-6518", "CVE-2015-0385", "CVE-2015-0395", "CVE-2015-0368", "CVE-2013-6449", "CVE-2014-6575", "CVE-2015-0380", "CVE-2015-0424", "CVE-2003-0001", "CVE-2014-6565", "CVE-2015-0407", "CVE-2014-0076", "CVE-2015-0362", "CVE-2015-0430", "CVE-2014-6585", "CVE-2015-0410", "CVE-2013-5704", "CVE-2015-0402", "CVE-2015-0379", "CVE-2014-6548", "CVE-2015-0396", "CVE-2015-0422", "CVE-2015-0435", "CVE-2014-5704", "CVE-2013-5605", "CVE-2014-6584", "CVE-2014-0224", "CVE-2014-4259", "CVE-2015-0391", "CVE-2014-6567", "CVE-2015-0418", "CVE-2013-0338", "CVE-2014-6480", "CVE-2014-6576", "CVE-2015-0428", "CVE-2015-0431", "CVE-2014-0098", "CVE-2014-6549", "CVE-2015-0420", "CVE-2015-0432", "CVE-2015-0383", "CVE-2011-3389", "CVE-2013-1741", "CVE-2014-6583", "CVE-2014-6597", "CVE-2014-4279", "CVE-2004-0230", "CVE-2015-0369", "CVE-2014-6525", "CVE-2015-0372", "CVE-2014-6582", "CVE-2015-0378", "CVE-2015-0392", "CVE-2015-0416", "CVE-2014-6587", "CVE-2013-1740", "CVE-2013-6438", "CVE-2015-0406", "CVE-2015-0401", "CVE-2014-6569", "CVE-2014-3470", "CVE-2012-0053", "CVE-2013-1739", "CVE-2014-6599", "CVE-2014-1492", "CVE-2013-2877", "CVE-2015-0417", "CVE-2015-0404", "CVE-2013-6450", "CVE-2013-5606", "CVE-2014-0114", "CVE-2015-0364", "CVE-2014-0050", "CVE-2010-5107", "CVE-2011-3368", "CVE-2014-6573", "CVE-2014-1490", "CVE-2010-5298", "CVE-2013-4286", "CVE-2015-0371", "CVE-2014-6526", "CVE-2015-0382", "CVE-2014-1568", "CVE-2015-0363", "CVE-2014-6600", "CVE-2014-6580", "CVE-2014-6509", "CVE-2015-0375", "CVE-2015-0414", "CVE-2014-0195", "CVE-2015-0413", "CVE-2014-6593", "CVE-2014-0198", "CVE-2014-6601", "CVE-2014-6594", "CVE-2015-0373", "CVE-2015-0421", "CVE-2013-2186", "CVE-2014-3567", "CVE-2014-6581", "CVE-2014-0015", "CVE-2015-0403", "CVE-2014-6570", "CVE-2015-0408", "CVE-2015-0429", "CVE-2014-6596", "CVE-2014-6521", "CVE-2015-0374", "CVE-2014-6591", "CVE-2014-6586", "CVE-2014-6524", "CVE-2014-6572", "CVE-2015-0370", "CVE-2015-0412", "CVE-2015-0400", "CVE-2015-0409", "CVE-2015-0387", "CVE-2015-0389", "CVE-2015-0399", "CVE-2014-0118", "CVE-2015-0415", "CVE-2014-6590", "CVE-2015-0376", "CVE-2014-6481", "CVE-2015-0393", "CVE-2015-0366", "CVE-2015-0419", "CVE-2014-6568", "CVE-2015-0377", "CVE-2015-0394", "CVE-2015-0397", "CVE-2015-0384", "CVE-2014-6589", "CVE-2014-1491", "CVE-2014-6528", "CVE-2014-6588", "CVE-2014-6541", "CVE-2011-1944", "CVE-2015-0437", "CVE-2014-6514", "CVE-2014-0117", "CVE-2014-4212", "CVE-2015-0436", "CVE-2014-6598", "CVE-2015-0367", "CVE-2014-0226", "CVE-2013-1620", "CVE-2013-4545", "CVE-2015-0426", "CVE-2015-0434", "CVE-2014-0221", "CVE-2015-0411", "CVE-2015-0381", "CVE-2014-6577"], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n \n\n\n**Oracle has received specific reports of malicious exploitation of vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that malicious attackers have been successful because customers had failed to apply these Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\n \n\n\nThis Critical Patch Update contains 169 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\n \n\n\nPlease note that on October 16, 2014, Oracle released information for [CVE-2014-3566 \"POODLE\"](<http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html>). Customers of affected Oracle products are strongly advised to apply the fixes and/or configuration steps that were announced for CVE-2014-3566 in addition to the fixes announced in this CPU.\n\n \n\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n\n \n\n", "modified": "2015-01-20T00:00:00", "published": "2015-03-10T00:00:00", "id": "ORACLE:CPUJAN2015-1972971", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update - January 2015", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-10-04T21:16:02", "bulletinFamily": "software", "cvelist": ["CVE-2003-0001", "CVE-2004-0230", "CVE-2010-5107", "CVE-2010-5298", "CVE-2011-1944", "CVE-2011-3368", "CVE-2011-3389", "CVE-2011-3607", "CVE-2011-4317", "CVE-2011-4461", "CVE-2012-0053", "CVE-2013-0338", "CVE-2013-1620", "CVE-2013-1739", "CVE-2013-1740", "CVE-2013-1741", "CVE-2013-2186", "CVE-2013-2877", "CVE-2013-4286", "CVE-2013-4545", "CVE-2013-4784", "CVE-2013-5605", "CVE-2013-5606", "CVE-2013-5704", "CVE-2013-6438", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0015", "CVE-2014-0050", "CVE-2014-0076", "CVE-2014-0098", "CVE-2014-0114", "CVE-2014-0117", "CVE-2014-0118", "CVE-2014-0191", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-0226", "CVE-2014-0231", "CVE-2014-1490", "CVE-2014-1491", "CVE-2014-1492", "CVE-2014-1568", "CVE-2014-3470", "CVE-2014-3566", "CVE-2014-3567", "CVE-2014-4212", "CVE-2014-4259", "CVE-2014-4279", "CVE-2014-5704", "CVE-2014-6480", "CVE-2014-6481", "CVE-2014-6509", "CVE-2014-6510", "CVE-2014-6514", "CVE-2014-6518", "CVE-2014-6521", "CVE-2014-6524", "CVE-2014-6525", "CVE-2014-6526", "CVE-2014-6528", "CVE-2014-6541", "CVE-2014-6548", "CVE-2014-6549", "CVE-2014-6556", "CVE-2014-6565", "CVE-2014-6566", "CVE-2014-6567", "CVE-2014-6568", "CVE-2014-6569", "CVE-2014-6570", "CVE-2014-6571", "CVE-2014-6572", "CVE-2014-6573", "CVE-2014-6574", "CVE-2014-6575", "CVE-2014-6576", "CVE-2014-6577", "CVE-2014-6578", "CVE-2014-6579", "CVE-2014-6580", "CVE-2014-6581", "CVE-2014-6582", "CVE-2014-6583", "CVE-2014-6584", "CVE-2014-6585", "CVE-2014-6586", "CVE-2014-6587", "CVE-2014-6588", "CVE-2014-6589", "CVE-2014-6590", "CVE-2014-6591", "CVE-2014-6592", "CVE-2014-6593", "CVE-2014-6594", "CVE-2014-6595", "CVE-2014-6596", "CVE-2014-6597", "CVE-2014-6598", "CVE-2014-6599", "CVE-2014-6600", "CVE-2014-6601", "CVE-2015-0362", "CVE-2015-0363", "CVE-2015-0364", "CVE-2015-0365", "CVE-2015-0366", "CVE-2015-0367", "CVE-2015-0368", "CVE-2015-0369", "CVE-2015-0370", "CVE-2015-0371", "CVE-2015-0372", "CVE-2015-0373", "CVE-2015-0374", "CVE-2015-0375", "CVE-2015-0376", "CVE-2015-0377", "CVE-2015-0378", "CVE-2015-0379", "CVE-2015-0380", "CVE-2015-0381", "CVE-2015-0382", "CVE-2015-0383", "CVE-2015-0384", "CVE-2015-0385", "CVE-2015-0386", "CVE-2015-0387", "CVE-2015-0388", "CVE-2015-0389", "CVE-2015-0390", "CVE-2015-0391", "CVE-2015-0392", "CVE-2015-0393", "CVE-2015-0394", "CVE-2015-0395", "CVE-2015-0396", "CVE-2015-0397", "CVE-2015-0398", "CVE-2015-0399", "CVE-2015-0400", "CVE-2015-0401", "CVE-2015-0402", "CVE-2015-0403", "CVE-2015-0404", "CVE-2015-0406", "CVE-2015-0407", "CVE-2015-0408", "CVE-2015-0409", "CVE-2015-0410", "CVE-2015-0411", "CVE-2015-0412", "CVE-2015-0413", "CVE-2015-0414", "CVE-2015-0415", "CVE-2015-0416", "CVE-2015-0417", "CVE-2015-0418", "CVE-2015-0419", "CVE-2015-0420", "CVE-2015-0421", "CVE-2015-0422", "CVE-2015-0424", "CVE-2015-0425", "CVE-2015-0426", "CVE-2015-0427", "CVE-2015-0428", "CVE-2015-0429", "CVE-2015-0430", "CVE-2015-0431", "CVE-2015-0432", "CVE-2015-0434", "CVE-2015-0435", "CVE-2015-0436", "CVE-2015-0437"], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\nCritical Patch Updates and Security Alerts for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\nThis Critical Patch Update contains 169 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ https://blogs.oracle.com/security](<https://blogs.oracle.com/security>).\n\nPlease note that on October 16, 2014, Oracle released information for CVE-2014-3566 \"POODLE\" .Customers of affected Oracle products are strongly advised to apply the fixes and/or configuration steps that were announced for CVE-2014-3566 in addition to the fixes announced in this CPU.\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: https://www.oracle.com/security-alerts/cpufaq.html#CVRF.\n", "modified": "2015-01-20T00:00:00", "published": "2015-03-10T00:00:00", "id": "ORACLE:CPUJAN2015", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - January 2015", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:20:56", "bulletinFamily": "software", "cvelist": ["CVE-2015-1926", "CVE-2015-1802", "CVE-2015-4000", "CVE-2015-2591", "CVE-2015-0443", "CVE-2015-1803", "CVE-2015-4771", "CVE-2015-2627", "CVE-2015-2615", "CVE-2014-3566", "CVE-2015-4764", "CVE-2015-4774", "CVE-2015-2601", "CVE-2015-4738", "CVE-2014-8098", "CVE-2015-0235", "CVE-2015-4729", "CVE-2015-1804", "CVE-2015-4751", "CVE-2015-0444", "CVE-2015-0445", "CVE-2015-4749", "CVE-2014-8092", "CVE-2015-4758", "CVE-2014-7809", "CVE-2015-2643", "CVE-2015-4770", "CVE-2015-4747", "CVE-2015-2661", "CVE-2015-4778", "CVE-2015-2632", "CVE-2015-2625", "CVE-2015-2617", "CVE-2015-4784", "CVE-2015-2664", "CVE-2015-2605", "CVE-2015-2597", "CVE-2015-4785", "CVE-2015-4732", "CVE-2015-2653", "CVE-2014-3572", "CVE-2014-3613", "CVE-2015-0206", "CVE-2014-0227", "CVE-2015-2595", "CVE-2015-4782", "CVE-2015-0286", "CVE-2015-3244", "CVE-2015-2648", "CVE-2015-2657", "CVE-2014-0230", "CVE-2014-8100", "CVE-2015-4789", "CVE-2015-2581", "CVE-2015-2613", "CVE-2015-2658", "CVE-2014-3571", "CVE-2015-4736", "CVE-2015-2599", "CVE-2013-2251", "CVE-2013-5704", "CVE-2015-4739", "CVE-2015-0288", "CVE-2015-4790", "CVE-2013-6422", "CVE-2015-2589", "CVE-2010-1324", "CVE-2015-2623", "CVE-2015-2631", "CVE-2010-4020", "CVE-2015-2596", "CVE-2015-4763", "CVE-2015-0285", "CVE-2015-4783", "CVE-2015-2620", "CVE-2015-2650", "CVE-2011-3389", "CVE-2015-2654", "CVE-2015-0207", "CVE-2015-2607", "CVE-2015-2639", "CVE-2015-2611", "CVE-2015-2645", "CVE-2015-2634", "CVE-2015-2594", "CVE-2014-8275", "CVE-2015-3456", "CVE-2015-0467", "CVE-2015-2584", "CVE-2015-0208", "CVE-2015-2808", "CVE-2013-0249", "CVE-2014-3570", "CVE-2015-2590", "CVE-2015-2656", "CVE-2015-2626", "CVE-2015-2628", "CVE-2015-4768", "CVE-2015-4761", "CVE-2015-4745", "CVE-2015-4750", "CVE-2014-0139", "CVE-2015-2635", "CVE-2015-4756", "CVE-2015-2647", "CVE-2014-3707", "CVE-2015-0293", "CVE-2015-2600", "CVE-2015-2580", "CVE-2014-8097", "CVE-2014-8101", "CVE-2015-2640", "CVE-2015-4733", "CVE-2015-2646", "CVE-2014-1568", "CVE-2015-2651", "CVE-2015-2603", "CVE-2014-8091", "CVE-2015-4765", "CVE-2015-2660", "CVE-2015-2604", "CVE-2015-0255", "CVE-2015-4772", "CVE-2015-2662", "CVE-2015-4735", "CVE-2015-0468", "CVE-2015-4779", "CVE-2015-0209", "CVE-2015-2585", "CVE-2013-2186", "CVE-2014-3567", "CVE-2015-2614", "CVE-2014-0015", "CVE-2015-4737", "CVE-2015-4776", "CVE-2015-4757", "CVE-2015-4728", "CVE-2015-2637", "CVE-2015-2606", "CVE-2015-4769", "CVE-2015-0204", "CVE-2015-2621", "CVE-2015-4786", "CVE-2015-4787", "CVE-2015-2638", "CVE-2015-4740", "CVE-2015-2619", "CVE-2015-4731", "CVE-2014-8095", "CVE-2015-4727", "CVE-2015-4741", "CVE-2015-2636", "CVE-2015-2659", "CVE-2015-2655", "CVE-2015-4775", "CVE-2015-4773", "CVE-2014-8102", "CVE-2015-0291", "CVE-2015-4746", "CVE-2015-2629", "CVE-2014-8096", "CVE-2015-4788", "CVE-2015-4755", "CVE-2015-2602", "CVE-2015-4748", "CVE-2015-0287", "CVE-2015-2622", "CVE-2015-2610", "CVE-2012-0036", "CVE-2013-2174", "CVE-2015-2663", "CVE-2015-4742", "CVE-2014-8093", "CVE-2015-0289", "CVE-2015-2652", "CVE-2015-4759", "CVE-2015-0446", "CVE-2015-0292", "CVE-2015-2582", "CVE-2015-4780", "CVE-2014-1569", "CVE-2015-4781", "CVE-2015-2618", "CVE-2015-2641", "CVE-2015-2593", "CVE-2015-4744", "CVE-2015-2598", "CVE-2014-0138", "CVE-2015-2587", "CVE-2015-2630", "CVE-2015-2592", "CVE-2015-4767", "CVE-2015-0290", "CVE-2015-2616", "CVE-2015-0205", "CVE-2015-2624", "CVE-2015-2609", "CVE-2015-4777", "CVE-2010-1323", "CVE-2015-1787", "CVE-2015-4754", "CVE-2014-3569", "CVE-2015-2588", "CVE-2015-4760", "CVE-2015-2583", "CVE-2015-4743", "CVE-2013-4545", "CVE-2015-4752", "CVE-2015-2586", "CVE-2015-4753", "CVE-2015-2649", "CVE-2015-2612", "CVE-2015-2644"], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n \n\n\n**Oracle continues to periodically receive reports of malicious exploitation of vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that malicious attackers have been successful because customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\n \n\n\nThis Critical Patch Update contains 193 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\n \n\n\n** Please note that on May 15, 2015, Oracle released [Security Alert for CVE-2015-3456 (QEMU \"Venom\")](<http://www.oracle.com/technetwork/topics/security/alert-cve-2015-3456-2542656.html>). Customers of affected Oracle products are strongly advised to apply the fixes and/or configuration steps that were announced for CVE-2015-3456. **\n\n \n\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n\n \n\n", "modified": "2016-07-07T00:00:00", "published": "2015-07-14T00:00:00", "id": "ORACLE:CPUJUL2015-2367936", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update - July 2015", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-10-04T21:16:01", "bulletinFamily": "software", "cvelist": ["CVE-2010-1323", "CVE-2010-1324", "CVE-2010-4020", "CVE-2011-3389", "CVE-2012-0036", "CVE-2013-0249", "CVE-2013-2174", "CVE-2013-2186", "CVE-2013-2251", "CVE-2013-4545", "CVE-2013-5704", "CVE-2013-6422", "CVE-2014-0015", "CVE-2014-0138", "CVE-2014-0139", "CVE-2014-0227", "CVE-2014-0230", "CVE-2014-1568", "CVE-2014-1569", "CVE-2014-3566", "CVE-2014-3567", "CVE-2014-3569", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-3613", "CVE-2014-3707", "CVE-2014-7809", "CVE-2014-8091", "CVE-2014-8092", "CVE-2014-8093", "CVE-2014-8095", "CVE-2014-8096", "CVE-2014-8097", "CVE-2014-8098", "CVE-2014-8100", "CVE-2014-8101", "CVE-2014-8102", "CVE-2014-8275", "CVE-2015-0204", "CVE-2015-0205", "CVE-2015-0206", "CVE-2015-0207", "CVE-2015-0208", "CVE-2015-0209", "CVE-2015-0235", "CVE-2015-0255", "CVE-2015-0285", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0290", "CVE-2015-0291", "CVE-2015-0292", "CVE-2015-0293", "CVE-2015-0443", "CVE-2015-0444", "CVE-2015-0445", "CVE-2015-0446", "CVE-2015-0467", "CVE-2015-0468", "CVE-2015-1787", "CVE-2015-1802", "CVE-2015-1803", "CVE-2015-1804", "CVE-2015-1926", "CVE-2015-2580", "CVE-2015-2581", "CVE-2015-2582", "CVE-2015-2583", "CVE-2015-2584", "CVE-2015-2585", "CVE-2015-2586", "CVE-2015-2587", "CVE-2015-2588", "CVE-2015-2589", "CVE-2015-2590", "CVE-2015-2591", "CVE-2015-2592", "CVE-2015-2593", "CVE-2015-2594", "CVE-2015-2595", "CVE-2015-2596", "CVE-2015-2597", "CVE-2015-2598", "CVE-2015-2599", "CVE-2015-2600", "CVE-2015-2601", "CVE-2015-2602", "CVE-2015-2603", "CVE-2015-2604", "CVE-2015-2605", "CVE-2015-2606", "CVE-2015-2607", "CVE-2015-2609", "CVE-2015-2610", "CVE-2015-2611", "CVE-2015-2612", "CVE-2015-2613", "CVE-2015-2614", "CVE-2015-2615", "CVE-2015-2616", "CVE-2015-2617", "CVE-2015-2618", "CVE-2015-2619", "CVE-2015-2620", "CVE-2015-2621", "CVE-2015-2622", "CVE-2015-2623", "CVE-2015-2624", "CVE-2015-2625", "CVE-2015-2626", "CVE-2015-2627", "CVE-2015-2628", "CVE-2015-2629", "CVE-2015-2630", "CVE-2015-2631", "CVE-2015-2632", "CVE-2015-2634", "CVE-2015-2635", "CVE-2015-2636", "CVE-2015-2637", "CVE-2015-2638", "CVE-2015-2639", "CVE-2015-2640", "CVE-2015-2641", "CVE-2015-2643", "CVE-2015-2644", "CVE-2015-2645", "CVE-2015-2646", "CVE-2015-2647", "CVE-2015-2648", "CVE-2015-2649", "CVE-2015-2650", "CVE-2015-2651", "CVE-2015-2652", "CVE-2015-2653", "CVE-2015-2654", "CVE-2015-2655", "CVE-2015-2656", "CVE-2015-2657", "CVE-2015-2658", "CVE-2015-2659", "CVE-2015-2660", "CVE-2015-2661", "CVE-2015-2662", "CVE-2015-2663", "CVE-2015-2664", "CVE-2015-2808", "CVE-2015-3244", "CVE-2015-3456", "CVE-2015-4000", "CVE-2015-4727", "CVE-2015-4728", "CVE-2015-4729", "CVE-2015-4731", "CVE-2015-4732", "CVE-2015-4733", "CVE-2015-4735", "CVE-2015-4736", "CVE-2015-4737", "CVE-2015-4738", "CVE-2015-4739", "CVE-2015-4740", "CVE-2015-4741", "CVE-2015-4742", "CVE-2015-4743", "CVE-2015-4744", "CVE-2015-4745", "CVE-2015-4746", "CVE-2015-4747", "CVE-2015-4748", "CVE-2015-4749", "CVE-2015-4750", "CVE-2015-4751", "CVE-2015-4752", "CVE-2015-4753", "CVE-2015-4754", "CVE-2015-4755", "CVE-2015-4756", "CVE-2015-4757", "CVE-2015-4758", "CVE-2015-4759", "CVE-2015-4760", "CVE-2015-4761", "CVE-2015-4763", "CVE-2015-4764", "CVE-2015-4765", "CVE-2015-4767", "CVE-2015-4768", "CVE-2015-4769", "CVE-2015-4770", "CVE-2015-4771", "CVE-2015-4772", "CVE-2015-4773", "CVE-2015-4774", "CVE-2015-4775", "CVE-2015-4776", "CVE-2015-4777", "CVE-2015-4778", "CVE-2015-4779", "CVE-2015-4780", "CVE-2015-4781", "CVE-2015-4782", "CVE-2015-4783", "CVE-2015-4784", "CVE-2015-4785", "CVE-2015-4786", "CVE-2015-4787", "CVE-2015-4788", "CVE-2015-4789", "CVE-2015-4790"], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to: Critical Patch Updates and Security Alerts for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\nThis Critical Patch Update contains 193 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ https://blogs.oracle.com/security](<https://blogs.oracle.com/security/>).\n\n**Please note that on May 15, 2015, Oracle released Security Alert for CVE-2015-3456 (QEMU \"Venom\") .Customers of affected Oracle products are strongly advised to apply the fixes and/or configuration steps that were announced for CVE-2015-3456.**\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: https://www.oracle.com/security-alerts/cpufaq.html#CVRF.\n", "modified": "2016-07-07T00:00:00", "published": "2015-07-14T00:00:00", "id": "ORACLE:CPUJUL2015", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - July 2015", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:20:52", "bulletinFamily": "software", "cvelist": ["CVE-2016-0571", "CVE-2016-0528", "CVE-2015-6013", "CVE-2015-4000", "CVE-2016-0608", "CVE-2016-0515", "CVE-2016-0514", "CVE-2016-0600", "CVE-2015-1792", "CVE-2016-0492", "CVE-2016-0611", "CVE-2016-0575", "CVE-2016-0544", "CVE-2016-0599", "CVE-2015-0235", "CVE-2016-0445", "CVE-2016-0500", "CVE-2016-0572", "CVE-2015-1793", "CVE-2016-0592", "CVE-2016-0435", "CVE-2016-0512", "CVE-2015-8126", "CVE-2016-0526", "CVE-2016-0457", "CVE-2016-0594", "CVE-2016-0498", "CVE-2016-0516", "CVE-2016-0580", "CVE-2016-0470", "CVE-2016-0444", "CVE-2016-0577", "CVE-2016-0440", "CVE-2016-0546", "CVE-2015-1789", "CVE-2016-0541", "CVE-2016-0560", "CVE-2016-0428", "CVE-2016-0447", "CVE-2016-0477", "CVE-2016-0568", "CVE-2016-0415", "CVE-2015-0286", "CVE-2016-0489", "CVE-2016-0559", "CVE-2016-0472", "CVE-2016-0578", "CVE-2016-0579", "CVE-2016-0561", "CVE-2014-3583", "CVE-2016-0412", "CVE-2015-3195", "CVE-2016-0449", "CVE-2016-0555", "CVE-2016-0481", "CVE-2016-0511", "CVE-2016-0605", "CVE-2015-4885", "CVE-2016-0455", "CVE-2015-4921", "CVE-2016-0534", "CVE-2016-0414", "CVE-2015-4924", "CVE-2016-0589", "CVE-2016-0474", "CVE-2016-0508", "CVE-2016-0465", "CVE-2016-0553", "CVE-2016-0582", "CVE-2016-0483", "CVE-2013-5855", "CVE-2016-0517", "CVE-2013-5704", "CVE-2016-0454", "CVE-2015-0288", "CVE-2016-0486", "CVE-2013-5605", "CVE-2016-0554", "CVE-2016-0542", "CVE-2016-0591", "CVE-2016-0433", "CVE-2016-0448", "CVE-2016-0506", "CVE-2016-0401", "CVE-2016-0416", "CVE-2016-0437", "CVE-2016-0550", "CVE-2016-0533", "CVE-2016-0403", "CVE-2015-4922", "CVE-2016-0566", "CVE-2016-0606", "CVE-2016-0510", "CVE-2016-0431", "CVE-2015-0285", "CVE-2016-0569", "CVE-2016-0459", "CVE-2016-0471", "CVE-2016-0564", "CVE-2016-0524", "CVE-2016-0563", "CVE-2016-0522", "CVE-2015-3153", "CVE-2016-0616", "CVE-2016-0614", "CVE-2013-1741", "CVE-2015-0207", "CVE-2016-0442", "CVE-2016-0493", "CVE-2016-0443", "CVE-2016-0618", "CVE-2016-0573", "CVE-2016-0527", "CVE-2016-0610", "CVE-2016-0609", "CVE-2016-0570", "CVE-2015-4926", "CVE-2015-0208", "CVE-2015-5307", "CVE-2016-0473", "CVE-2016-0518", "CVE-2013-1740", "CVE-2016-0567", "CVE-2015-7575", "CVE-2016-0558", "CVE-2016-0543", "CVE-2016-0463", "CVE-2016-0487", "CVE-2013-1739", "CVE-2016-0466", "CVE-2016-0462", "CVE-2016-0423", "CVE-2016-0596", "CVE-2016-0535", "CVE-2016-0509", "CVE-2016-0574", "CVE-2014-1492", "CVE-2016-0426", "CVE-2016-0460", "CVE-2016-0504", "CVE-2016-0521", "CVE-2016-0501", "CVE-2013-5606", "CVE-2016-0451", "CVE-2016-0482", "CVE-2015-4808", "CVE-2016-0539", "CVE-2014-0050", "CVE-2016-0404", "CVE-2016-0419", "CVE-2016-0494", "CVE-2015-0293", "CVE-2016-0552", "CVE-2016-0485", "CVE-2014-1490", "CVE-2016-0595", "CVE-2016-0402", "CVE-2016-0480", "CVE-2016-0478", "CVE-2016-0427", "CVE-2015-4919", "CVE-2016-0529", "CVE-2015-7183", "CVE-2016-0503", "CVE-2015-1788", "CVE-2016-0413", "CVE-2016-0476", "CVE-2016-0598", "CVE-2016-0556", "CVE-2015-0209", "CVE-2016-0422", "CVE-2016-0502", "CVE-2016-0601", "CVE-2013-2186", "CVE-2015-3183", "CVE-2015-4920", "CVE-2016-0441", "CVE-2016-0432", "CVE-2016-0484", "CVE-2016-0536", "CVE-2016-0576", "CVE-2015-0204", "CVE-2016-0540", "CVE-2016-0584", "CVE-2016-0537", "CVE-2016-0590", "CVE-2016-0565", "CVE-2016-0420", "CVE-2016-0557", "CVE-2016-0586", "CVE-2016-0417", "CVE-2016-0491", "CVE-2016-0424", "CVE-2015-8472", "CVE-2016-0450", "CVE-2016-0495", "CVE-2016-0520", "CVE-2016-0405", "CVE-2016-0488", "CVE-2015-1790", "CVE-2016-0525", "CVE-2016-0475", "CVE-2016-0499", "CVE-2016-0452", "CVE-2015-6014", "CVE-2016-0548", "CVE-2016-0519", "CVE-2016-0587", "CVE-2016-0461", "CVE-2016-0464", "CVE-2016-0409", "CVE-2016-0438", "CVE-2015-0291", "CVE-2016-0429", "CVE-2016-0497", "CVE-2014-3581", "CVE-2016-0607", "CVE-2015-8370", "CVE-2016-0439", "CVE-2015-0287", "CVE-2014-8109", "CVE-2016-0530", "CVE-2016-0456", "CVE-2016-0496", "CVE-2016-0551", "CVE-2016-0425", "CVE-2016-0421", "CVE-2016-0523", "CVE-2016-0430", "CVE-2015-0289", "CVE-2016-0597", "CVE-2016-0467", "CVE-2016-0581", "CVE-2016-0549", "CVE-2016-0458", "CVE-2014-1491", "CVE-2016-0538", "CVE-2016-0531", "CVE-2015-0292", "CVE-2016-0583", "CVE-2016-0411", "CVE-2016-0507", "CVE-2016-0490", "CVE-2016-0418", "CVE-2014-0107", "CVE-2016-0453", "CVE-2015-7744", "CVE-2016-0513", "CVE-2016-0436", "CVE-2016-0547", "CVE-2016-0588", "CVE-2015-0290", "CVE-2016-0434", "CVE-2016-0446", "CVE-2015-1787", "CVE-2016-0505", "CVE-2015-4852", "CVE-2016-0562", "CVE-2016-0585", "CVE-2015-4923", "CVE-2016-0406", "CVE-2015-1791", "CVE-2015-8104", "CVE-2016-0532", "CVE-2015-4925", "CVE-2015-6015", "CVE-2016-0545", "CVE-2016-0602"], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n \n\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\n \n\n\nThis Critical Patch Update contains 248 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\n \n\n\n** Please note that on November 10, 2015, Oracle released [Security Alert for CVE-2015-4852](<http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html>). Customers of affected Oracle products are strongly advised to apply the fixes and/or configuration steps that were announced for CVE-2015-4852. **\n\n \n\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n\n \n\n", "modified": "2016-02-12T00:00:00", "published": "2016-01-19T00:00:00", "id": "ORACLE:CPUJAN2016-2367955", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update - January 2016", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-10-04T21:15:56", "bulletinFamily": "software", "cvelist": ["CVE-2013-1739", "CVE-2013-1740", "CVE-2013-1741", "CVE-2013-2186", "CVE-2013-5605", "CVE-2013-5606", "CVE-2013-5704", "CVE-2013-5855", "CVE-2014-0050", "CVE-2014-0107", "CVE-2014-1490", "CVE-2014-1491", "CVE-2014-1492", "CVE-2014-3581", "CVE-2014-3583", "CVE-2014-8109", "CVE-2015-0204", "CVE-2015-0207", "CVE-2015-0208", "CVE-2015-0209", "CVE-2015-0235", "CVE-2015-0285", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0290", "CVE-2015-0291", "CVE-2015-0292", "CVE-2015-0293", "CVE-2015-1787", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-1793", "CVE-2015-3153", "CVE-2015-3183", "CVE-2015-3195", "CVE-2015-4000", "CVE-2015-4808", "CVE-2015-4852", "CVE-2015-4885", "CVE-2015-4919", "CVE-2015-4920", "CVE-2015-4921", "CVE-2015-4922", "CVE-2015-4923", "CVE-2015-4924", "CVE-2015-4925", "CVE-2015-4926", "CVE-2015-5307", "CVE-2015-6013", "CVE-2015-6014", "CVE-2015-6015", "CVE-2015-7183", "CVE-2015-7575", "CVE-2015-7744", "CVE-2015-8104", "CVE-2015-8126", "CVE-2015-8370", "CVE-2015-8472", "CVE-2016-0401", "CVE-2016-0402", "CVE-2016-0403", "CVE-2016-0404", "CVE-2016-0405", "CVE-2016-0406", "CVE-2016-0409", "CVE-2016-0411", "CVE-2016-0412", "CVE-2016-0413", "CVE-2016-0414", "CVE-2016-0415", "CVE-2016-0416", "CVE-2016-0417", "CVE-2016-0418", "CVE-2016-0419", "CVE-2016-0420", "CVE-2016-0421", "CVE-2016-0422", "CVE-2016-0423", "CVE-2016-0424", "CVE-2016-0425", "CVE-2016-0426", "CVE-2016-0427", "CVE-2016-0428", "CVE-2016-0429", "CVE-2016-0430", "CVE-2016-0431", "CVE-2016-0432", "CVE-2016-0433", "CVE-2016-0434", "CVE-2016-0435", "CVE-2016-0436", "CVE-2016-0437", "CVE-2016-0438", "CVE-2016-0439", "CVE-2016-0440", "CVE-2016-0441", "CVE-2016-0442", "CVE-2016-0443", "CVE-2016-0444", "CVE-2016-0445", "CVE-2016-0446", "CVE-2016-0447", "CVE-2016-0448", "CVE-2016-0449", "CVE-2016-0450", "CVE-2016-0451", "CVE-2016-0452", "CVE-2016-0453", "CVE-2016-0454", "CVE-2016-0455", "CVE-2016-0456", "CVE-2016-0457", "CVE-2016-0458", "CVE-2016-0459", "CVE-2016-0460", "CVE-2016-0461", "CVE-2016-0462", "CVE-2016-0463", "CVE-2016-0464", "CVE-2016-0465", "CVE-2016-0466", "CVE-2016-0467", "CVE-2016-0470", "CVE-2016-0471", "CVE-2016-0472", "CVE-2016-0473", "CVE-2016-0474", "CVE-2016-0475", "CVE-2016-0476", "CVE-2016-0477", "CVE-2016-0478", "CVE-2016-0480", "CVE-2016-0481", "CVE-2016-0482", "CVE-2016-0483", "CVE-2016-0484", "CVE-2016-0485", "CVE-2016-0486", "CVE-2016-0487", "CVE-2016-0488", "CVE-2016-0489", "CVE-2016-0490", "CVE-2016-0491", "CVE-2016-0492", "CVE-2016-0493", "CVE-2016-0494", "CVE-2016-0495", "CVE-2016-0496", "CVE-2016-0497", "CVE-2016-0498", "CVE-2016-0499", "CVE-2016-0500", "CVE-2016-0501", "CVE-2016-0502", "CVE-2016-0503", "CVE-2016-0504", "CVE-2016-0505", "CVE-2016-0506", "CVE-2016-0507", "CVE-2016-0508", "CVE-2016-0509", "CVE-2016-0510", "CVE-2016-0511", "CVE-2016-0512", "CVE-2016-0513", "CVE-2016-0514", "CVE-2016-0515", "CVE-2016-0516", "CVE-2016-0517", "CVE-2016-0518", "CVE-2016-0519", "CVE-2016-0520", "CVE-2016-0521", "CVE-2016-0522", "CVE-2016-0523", "CVE-2016-0524", "CVE-2016-0525", "CVE-2016-0526", "CVE-2016-0527", "CVE-2016-0528", "CVE-2016-0529", "CVE-2016-0530", "CVE-2016-0531", "CVE-2016-0532", "CVE-2016-0533", "CVE-2016-0534", "CVE-2016-0535", "CVE-2016-0536", "CVE-2016-0537", "CVE-2016-0538", "CVE-2016-0539", "CVE-2016-0540", "CVE-2016-0541", "CVE-2016-0542", "CVE-2016-0543", "CVE-2016-0544", "CVE-2016-0545", "CVE-2016-0546", "CVE-2016-0547", "CVE-2016-0548", "CVE-2016-0549", "CVE-2016-0550", "CVE-2016-0551", "CVE-2016-0552", "CVE-2016-0553", "CVE-2016-0554", "CVE-2016-0555", "CVE-2016-0556", "CVE-2016-0557", "CVE-2016-0558", "CVE-2016-0559", "CVE-2016-0560", "CVE-2016-0561", "CVE-2016-0562", "CVE-2016-0563", "CVE-2016-0564", "CVE-2016-0565", "CVE-2016-0566", "CVE-2016-0567", "CVE-2016-0568", "CVE-2016-0569", "CVE-2016-0570", "CVE-2016-0571", "CVE-2016-0572", "CVE-2016-0573", "CVE-2016-0574", "CVE-2016-0575", "CVE-2016-0576", "CVE-2016-0577", "CVE-2016-0578", "CVE-2016-0579", "CVE-2016-0580", "CVE-2016-0581", "CVE-2016-0582", "CVE-2016-0583", "CVE-2016-0584", "CVE-2016-0585", "CVE-2016-0586", "CVE-2016-0587", "CVE-2016-0588", "CVE-2016-0589", "CVE-2016-0590", "CVE-2016-0591", "CVE-2016-0592", "CVE-2016-0594", "CVE-2016-0595", "CVE-2016-0596", "CVE-2016-0597", "CVE-2016-0598", "CVE-2016-0599", "CVE-2016-0600", "CVE-2016-0601", "CVE-2016-0602", "CVE-2016-0605", "CVE-2016-0606", "CVE-2016-0607", "CVE-2016-0608", "CVE-2016-0609", "CVE-2016-0610", "CVE-2016-0611", "CVE-2016-0614", "CVE-2016-0616", "CVE-2016-0618"], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\nCritical Patch Updates and Security Alerts for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\nThis Critical Patch Update contains 248 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\n**Please note that on November 10, 2015, Oracle released Security Alert for CVE-2015-4852. Customers of affected Oracle products are strongly advised to apply the fixes and/or configuration steps that were announced for CVE-2015-4852. **\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: https://www.oracle.com/security-alerts/cpufaq.html#CVRF.\n", "modified": "2016-02-12T00:00:00", "published": "2016-01-19T00:00:00", "id": "ORACLE:CPUJAN2016", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update - January 2016", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}