Search...

FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)

2009-04-23T00:00:00

ID FREEBSD_PKG_C2E1036877AB11D8B9E800E04CCB0A62.NASL
Type nessus
Reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2019-11-02T00:00:00

Description

When the directive

                                        
                                            #%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from the FreeBSD VuXML database :
#
# Copyright 2003-2018 Jacques Vidrine and contributors
#
# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
# HTML, PDF, PostScript, RTF and so forth) with or without modification,
# are permitted provided that the following conditions are met:
# 1. Redistributions of source code (VuXML) must retain the above
#    copyright notice, this list of conditions and the following
#    disclaimer as the first lines of this file unmodified.
# 2. Redistributions in compiled form (transformed to other DTDs,
#    published online in any format, converted to PDF, PostScript,
#    RTF and other formats) must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer
#    in the documentation and/or other materials provided with the
#    distribution.
# 
# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#

include("compat.inc");

if (description)
{
  script_id(37595);
  script_version("1.18");
  script_cvs_date("Date: 2019/08/02 13:32:36");

  script_cve_id("CVE-2004-1765");
  script_bugtraq_id(9885);
  script_xref(name:"CERT", value:"779438");
  script_xref(name:"Secunia", value:"11138");

  script_name(english:"FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)");
  script_summary(english:"Checks for updated package in pkg_info output");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote FreeBSD host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"When the directive 'SecFilterScanPost' is enabled, the Apache 2.x
version of ModSecurity is vulnerable to an off-by-one overflow"
  );
  # http://www.s-quadra.com/advisories/Adv-20040315.txt
  script_set_attribute(
    attribute:"see_also",
    value:"http://dfltweb1.onamae.com"
  );
  # https://vuxml.freebsd.org/freebsd/c2e10368-77ab-11d8-b9e8-00e04ccb0a62.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?9607010d"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:mod_security");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");

  script_set_attribute(attribute:"vuln_publication_date", value:"2004/02/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2004/03/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"FreeBSD Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");

  exit(0);
}


include("audit.inc");
include("freebsd_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (pkg_test(save_report:TRUE, pkg:"mod_security&lt;1.7.5")) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:pkg_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"id": "FREEBSD_PKG_C2E1036877AB11D8B9E800E04CCB0A62.NASL", "bulletinFamily": "scanner", "title": "FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)", "description": "When the directive ", "published": "2009-04-23T00:00:00", "modified": "2019-11-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/37595", "reporter": "This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://dfltweb1.onamae.com", "http://www.nessus.org/u?9607010d"], "cvelist": ["CVE-2004-1765"], "type": "nessus", "lastseen": "2019-11-01T02:39:34", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:freebsd:freebsd:mod_security", "cpe:/o:freebsd:freebsd"], "cvelist": ["CVE-2004-1765"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "description": "When the directive ", "edition": 9, "enchantments": {"dependencies": {"modified": "2019-10-28T20:23:10", "references": [{"idList": ["OPENVAS:52448"], "type": "openvas"}, {"idList": ["CVE-2004-1765"], "type": "cve"}, {"idList": ["OSVDB:4304"], "type": "osvdb"}, {"idList": ["FREEBSD_MODSECURITY_175.NASL"], "type": "nessus"}]}, "score": {"modified": "2019-10-28T20:23:10", "value": 6.5, "vector": "NONE"}}, "hash": "3be07212bbaf666f1cc09522196764187c03895004672cdbe69088fd1dd141fd", "hashmap": [{"hash": "60ae02e416fc5641d2713f35a6bbe3c6", "key": "references"}, {"hash": "fe45aa727b58c1249bf04cfb7b4e6ae0", "key": "naslFamily"}, {"hash": "c1dff392aa2083cd372dfcdf832ef644", "key": "sourceData"}, {"hash": "d8d5d4166c9636293172df32f8577e55", "key": "cvelist"}, {"hash": "8c2048a914ff1755d4ff806e9970f697", "key": "title"}, {"hash": "fbb50c0d5d5e66adbe7085a0f6d95fcd", "key": "description"}, {"hash": "197a63ce57b10c1f43b5342b9dd90820", "key": "published"}, {"hash": "02d9efb661cdd5884507d305b738b68a", "key": "reporter"}, {"hash": "8d9efdc11d3f363405846f3c09c5567f", "key": "pluginID"}, {"hash": "76513906e80d05a012e3a4ca594309b3", "key": "cpe"}, {"hash": "f710048e207a066f8ccd4dc853010a01", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0bafb6325bcaf483a25404f785191cc5", "key": "modified"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/37595", "id": "FREEBSD_PKG_C2E1036877AB11D8B9E800E04CCB0A62.NASL", "lastseen": "2019-10-28T20:23:10", "modified": "2019-10-02T00:00:00", "naslFamily": "FreeBSD Local Security Checks", "objectVersion": "1.3", "pluginID": "37595", "published": "2009-04-23T00:00:00", "references": ["http://dfltweb1.onamae.com", "http://www.nessus.org/u?9607010d"], "reporter": "This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37595);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2019/08/02 13:32:36\");\n\n script_cve_id(\"CVE-2004-1765\");\n script_bugtraq_id(9885);\n script_xref(name:\"CERT\", value:\"779438\");\n script_xref(name:\"Secunia\", value:\"11138\");\n\n script_name(english:\"FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When the directive 'SecFilterScanPost' is enabled, the Apache 2.x\nversion of ModSecurity is vulnerable to an off-by-one overflow\"\n );\n # http://www.s-quadra.com/advisories/Adv-20040315.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dfltweb1.onamae.com\"\n );\n # https://vuxml.freebsd.org/freebsd/c2e10368-77ab-11d8-b9e8-00e04ccb0a62.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9607010d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mod_security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mod_security<1.7.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified"], "edition": 9, "lastseen": "2019-10-28T20:23:10"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:freebsd:freebsd:mod_security", "cpe:/o:freebsd:freebsd"], "cvelist": ["CVE-2004-1765"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "When the directive 'SecFilterScanPost' is enabled, the Apache 2.x version of ModSecurity is vulnerable to an off-by-one overflow", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "00e7bb2aa37fffd770c5783dd849642dbc3c92ff6c80b0af365893af51eac7ee", "hashmap": [{"hash": "fe45aa727b58c1249bf04cfb7b4e6ae0", "key": "naslFamily"}, {"hash": "b540797a005019f00f860d4babc60dab", "key": "modified"}, {"hash": "d8d5d4166c9636293172df32f8577e55", "key": "cvelist"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "8c2048a914ff1755d4ff806e9970f697", "key": "title"}, {"hash": "107a99663420d062ac60ff2833ebd0f2", "key": "sourceData"}, {"hash": "197a63ce57b10c1f43b5342b9dd90820", "key": "published"}, {"hash": "8d9efdc11d3f363405846f3c09c5567f", "key": "pluginID"}, {"hash": "76513906e80d05a012e3a4ca594309b3", "key": "cpe"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "19c24237206d6c3e68b91108d9490236", "key": "description"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f7e61e9f6301f853ae7c00e03c108b17", "key": "references"}, {"hash": "0f25868f6dad4413ce6e589b9cf996ba", "key": "href"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=37595", "id": "FREEBSD_PKG_C2E1036877AB11D8B9E800E04CCB0A62.NASL", "lastseen": "2018-08-30T19:39:39", "modified": "2013-06-22T00:00:00", "naslFamily": "FreeBSD Local Security Checks", "objectVersion": "1.3", "pluginID": "37595", "published": "2009-04-23T00:00:00", "references": ["http://www.nessus.org/u?0652070e", "http://www.s-quadra.com/advisories/Adv-20040315.txt"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37595);\n script_version(\"$Revision: 1.15 $\");\n script_cvs_date(\"$Date: 2013/06/22 00:10:42 $\");\n\n script_cve_id(\"CVE-2004-1765\");\n script_bugtraq_id(9885);\n script_xref(name:\"CERT\", value:\"779438\");\n script_xref(name:\"Secunia\", value:\"11138\");\n\n script_name(english:\"FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When the directive 'SecFilterScanPost' is enabled, the Apache 2.x\nversion of ModSecurity is vulnerable to an off-by-one overflow\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.s-quadra.com/advisories/Adv-20040315.txt\"\n );\n # http://www.freebsd.org/ports/portaudit/c2e10368-77ab-11d8-b9e8-00e04ccb0a62.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0652070e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mod_security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mod_security<1.7.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:39:39"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:freebsd:freebsd:mod_security", "cpe:/o:freebsd:freebsd"], "cvelist": ["CVE-2004-1765"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "When the directive 'SecFilterScanPost' is enabled, the Apache 2.x version of ModSecurity is vulnerable to an off-by-one overflow", "edition": 8, "enchantments": {"dependencies": {"modified": "2019-02-21T01:11:47", "references": [{"idList": ["OPENVAS:52448"], "type": "openvas"}, {"idList": ["CVE-2004-1765"], "type": "cve"}, {"idList": ["OSVDB:4304"], "type": "osvdb"}, {"idList": ["FREEBSD_MODSECURITY_175.NASL"], "type": "nessus"}]}, "score": {"modified": "2019-02-21T01:11:47", "value": 6.1, "vector": "NONE"}}, "hash": "45265c446395624aadc713fb12cc44be602a574aae6ef3c84b0e47166f5ebd5f", "hashmap": [{"hash": "60ae02e416fc5641d2713f35a6bbe3c6", "key": "references"}, {"hash": "fe45aa727b58c1249bf04cfb7b4e6ae0", "key": "naslFamily"}, {"hash": "d8d5d4166c9636293172df32f8577e55", "key": "cvelist"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "7491720cc46c149db95fd9c52d718a12", "key": "sourceData"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "6d8000a975cdf5bed96d720a47e11f56", "key": "modified"}, {"hash": "8c2048a914ff1755d4ff806e9970f697", "key": "title"}, {"hash": "197a63ce57b10c1f43b5342b9dd90820", "key": "published"}, {"hash": "8d9efdc11d3f363405846f3c09c5567f", "key": "pluginID"}, {"hash": "76513906e80d05a012e3a4ca594309b3", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "19c24237206d6c3e68b91108d9490236", "key": "description"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0f25868f6dad4413ce6e589b9cf996ba", "key": "href"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=37595", "id": "FREEBSD_PKG_C2E1036877AB11D8B9E800E04CCB0A62.NASL", "lastseen": "2019-02-21T01:11:47", "modified": "2018-12-19T00:00:00", "naslFamily": "FreeBSD Local Security Checks", "objectVersion": "1.3", "pluginID": "37595", "published": "2009-04-23T00:00:00", "references": ["http://dfltweb1.onamae.com", "http://www.nessus.org/u?9607010d"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37595);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2018/12/19 13:21:17\");\n\n script_cve_id(\"CVE-2004-1765\");\n script_bugtraq_id(9885);\n script_xref(name:\"CERT\", value:\"779438\");\n script_xref(name:\"Secunia\", value:\"11138\");\n\n script_name(english:\"FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When the directive 'SecFilterScanPost' is enabled, the Apache 2.x\nversion of ModSecurity is vulnerable to an off-by-one overflow\"\n );\n # http://www.s-quadra.com/advisories/Adv-20040315.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dfltweb1.onamae.com\"\n );\n # https://vuxml.freebsd.org/freebsd/c2e10368-77ab-11d8-b9e8-00e04ccb0a62.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9607010d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mod_security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mod_security<1.7.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss", "description", "reporter", "modified", "sourceData", "href"], "edition": 8, "lastseen": "2019-02-21T01:11:47"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:freebsd:freebsd:mod_security", "cpe:/o:freebsd:freebsd"], "cvelist": ["CVE-2004-1765"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "When the directive 'SecFilterScanPost' is enabled, the Apache 2.x version of ModSecurity is vulnerable to an off-by-one overflow", "edition": 6, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "45265c446395624aadc713fb12cc44be602a574aae6ef3c84b0e47166f5ebd5f", "hashmap": [{"hash": "60ae02e416fc5641d2713f35a6bbe3c6", "key": "references"}, {"hash": "fe45aa727b58c1249bf04cfb7b4e6ae0", "key": "naslFamily"}, {"hash": "d8d5d4166c9636293172df32f8577e55", "key": "cvelist"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "7491720cc46c149db95fd9c52d718a12", "key": "sourceData"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "6d8000a975cdf5bed96d720a47e11f56", "key": "modified"}, {"hash": "8c2048a914ff1755d4ff806e9970f697", "key": "title"}, {"hash": "197a63ce57b10c1f43b5342b9dd90820", "key": "published"}, {"hash": "8d9efdc11d3f363405846f3c09c5567f", "key": "pluginID"}, {"hash": "76513906e80d05a012e3a4ca594309b3", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "19c24237206d6c3e68b91108d9490236", "key": "description"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0f25868f6dad4413ce6e589b9cf996ba", "key": "href"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=37595", "id": "FREEBSD_PKG_C2E1036877AB11D8B9E800E04CCB0A62.NASL", "lastseen": "2018-12-20T05:59:53", "modified": "2018-12-19T00:00:00", "naslFamily": "FreeBSD Local Security Checks", "objectVersion": "1.3", "pluginID": "37595", "published": "2009-04-23T00:00:00", "references": ["http://dfltweb1.onamae.com", "http://www.nessus.org/u?9607010d"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37595);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2018/12/19 13:21:17\");\n\n script_cve_id(\"CVE-2004-1765\");\n script_bugtraq_id(9885);\n script_xref(name:\"CERT\", value:\"779438\");\n script_xref(name:\"Secunia\", value:\"11138\");\n\n script_name(english:\"FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When the directive 'SecFilterScanPost' is enabled, the Apache 2.x\nversion of ModSecurity is vulnerable to an off-by-one overflow\"\n );\n # http://www.s-quadra.com/advisories/Adv-20040315.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dfltweb1.onamae.com\"\n );\n # https://vuxml.freebsd.org/freebsd/c2e10368-77ab-11d8-b9e8-00e04ccb0a62.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9607010d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mod_security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mod_security<1.7.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 6, "lastseen": "2018-12-20T05:59:53"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:freebsd:freebsd:mod_security", "cpe:/o:freebsd:freebsd"], "cvelist": ["CVE-2004-1765"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "When the directive 'SecFilterScanPost' is enabled, the Apache 2.x version of ModSecurity is vulnerable to an off-by-one overflow", "edition": 4, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "1600220e8cde63ae7876548ee74222dbe1e2fa60c0a1d69ba1c3922a1c78b09c", "hashmap": [{"hash": "fe45aa727b58c1249bf04cfb7b4e6ae0", "key": "naslFamily"}, {"hash": "b540797a005019f00f860d4babc60dab", "key": "modified"}, {"hash": "d8d5d4166c9636293172df32f8577e55", "key": "cvelist"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "8c2048a914ff1755d4ff806e9970f697", "key": "title"}, {"hash": "107a99663420d062ac60ff2833ebd0f2", "key": "sourceData"}, {"hash": "197a63ce57b10c1f43b5342b9dd90820", "key": "published"}, {"hash": "8d9efdc11d3f363405846f3c09c5567f", "key": "pluginID"}, {"hash": "76513906e80d05a012e3a4ca594309b3", "key": "cpe"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "19c24237206d6c3e68b91108d9490236", "key": "description"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f7e61e9f6301f853ae7c00e03c108b17", "key": "references"}, {"hash": "0f25868f6dad4413ce6e589b9cf996ba", "key": "href"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=37595", "id": "FREEBSD_PKG_C2E1036877AB11D8B9E800E04CCB0A62.NASL", "lastseen": "2018-09-01T23:46:02", "modified": "2013-06-22T00:00:00", "naslFamily": "FreeBSD Local Security Checks", "objectVersion": "1.3", "pluginID": "37595", "published": "2009-04-23T00:00:00", "references": ["http://www.nessus.org/u?0652070e", "http://www.s-quadra.com/advisories/Adv-20040315.txt"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37595);\n script_version(\"$Revision: 1.15 $\");\n script_cvs_date(\"$Date: 2013/06/22 00:10:42 $\");\n\n script_cve_id(\"CVE-2004-1765\");\n script_bugtraq_id(9885);\n script_xref(name:\"CERT\", value:\"779438\");\n script_xref(name:\"Secunia\", value:\"11138\");\n\n script_name(english:\"FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When the directive 'SecFilterScanPost' is enabled, the Apache 2.x\nversion of ModSecurity is vulnerable to an off-by-one overflow\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.s-quadra.com/advisories/Adv-20040315.txt\"\n );\n # http://www.freebsd.org/ports/portaudit/c2e10368-77ab-11d8-b9e8-00e04ccb0a62.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0652070e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mod_security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mod_security<1.7.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)", "type": "nessus", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 4, "lastseen": "2018-09-01T23:46:02"}], "edition": 10, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "76513906e80d05a012e3a4ca594309b3"}, {"key": "cvelist", "hash": "d8d5d4166c9636293172df32f8577e55"}, {"key": "cvss", "hash": "0b053db5674b87efff89989a8a720df3"}, {"key": "description", "hash": "fbb50c0d5d5e66adbe7085a0f6d95fcd"}, {"key": "href", "hash": "f710048e207a066f8ccd4dc853010a01"}, {"key": "modified", "hash": "abcf9266f425f12dda38f529cd4a94bc"}, {"key": "naslFamily", "hash": "fe45aa727b58c1249bf04cfb7b4e6ae0"}, {"key": "pluginID", "hash": "8d9efdc11d3f363405846f3c09c5567f"}, {"key": "published", "hash": "197a63ce57b10c1f43b5342b9dd90820"}, {"key": "references", "hash": "60ae02e416fc5641d2713f35a6bbe3c6"}, {"key": "reporter", "hash": "02d9efb661cdd5884507d305b738b68a"}, {"key": "sourceData", "hash": "c1dff392aa2083cd372dfcdf832ef644"}, {"key": "title", "hash": "8c2048a914ff1755d4ff806e9970f697"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "60ed2be79e7edba6aa1adf46da12c4921d97019490c9af3c7597570dcf184a90", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2004-1765"]}, {"type": "nessus", "idList": ["FREEBSD_MODSECURITY_175.NASL"]}, {"type": "osvdb", "idList": ["OSVDB:4304"]}, {"type": "openvas", "idList": ["OPENVAS:52448"]}], "modified": "2019-11-01T02:39:34"}, "score": {"value": 6.5, "vector": "NONE", "modified": "2019-11-01T02:39:34"}, "vulnersScore": 6.5}, "objectVersion": "1.3", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37595);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2019/08/02 13:32:36\");\n\n script_cve_id(\"CVE-2004-1765\");\n script_bugtraq_id(9885);\n script_xref(name:\"CERT\", value:\"779438\");\n script_xref(name:\"Secunia\", value:\"11138\");\n\n script_name(english:\"FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When the directive 'SecFilterScanPost' is enabled, the Apache 2.x\nversion of ModSecurity is vulnerable to an off-by-one overflow\"\n );\n # http://www.s-quadra.com/advisories/Adv-20040315.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dfltweb1.onamae.com\"\n );\n # https://vuxml.freebsd.org/freebsd/c2e10368-77ab-11d8-b9e8-00e04ccb0a62.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9607010d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mod_security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mod_security<1.7.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "pluginID": "37595", "cpe": ["p-cpe:/a:freebsd:freebsd:mod_security", "cpe:/o:freebsd:freebsd"], "scheme": null}

{"cve": [{"lastseen": "2019-05-29T18:08:04", "bulletinFamily": "NVD", "description": "Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests.", "modified": "2017-07-11T01:31:00", "id": "CVE-2004-1765", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1765", "published": "2004-12-31T05:00:00", "title": "CVE-2004-1765", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:19:58", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:11138](https://secuniaresearch.flexerasoftware.com/advisories/11138/)\nOther Advisory URL: http://www.s-quadra.com/advisories/Adv-20040315.txt\nISS X-Force ID: 15489\n[CVE-2004-1765](https://vulners.com/cve/CVE-2004-1765)\nCERT VU: 779438\nBugtraq ID: 9885\n", "modified": "2004-03-17T03:06:45", "published": "2004-03-17T03:06:45", "href": "https://vulners.com/osvdb/OSVDB:4304", "id": "OSVDB:4304", "type": "osvdb", "title": "mod_security POST Request Processing Off-By-One\n ", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-02T21:10:20", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-22T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=52448", "id": "OPENVAS:52448", "title": "FreeBSD Ports: mod_security", "type": "openvas", "sourceData": "#\n#VID c2e10368-77ab-11d8-b9e8-00e04ccb0a62\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: mod_security\n\nThe installed version of mod_security suffers from\na buffer overflow vulnerability when SecFilterScanPost\nis enabled, allowing a remote attacker to execute\narbitrary code via a specially crafted POST request.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.s-quadra.com/advisories/Adv-20040315.txt\nhttp://secunia.com/advisories/11138\nhttp://www.vuxml.org/freebsd/c2e10368-77ab-11d8-b9e8-00e04ccb0a62.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52448);\n script_version(\"$Revision: 4128 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-22 07:37:51 +0200 (Thu, 22 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(9885);\n script_cve_id(\"CVE-2004-1765\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: mod_security\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"mod_security\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.7.5\")<0) {\n txt += 'Package mod_security version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2016-09-26T17:25:27", "bulletinFamily": "scanner", "description": "The following package needs to be updated: mod_security", "modified": "2011-10-03T00:00:00", "published": "2004-07-06T00:00:00", "id": "FREEBSD_MODSECURITY_175.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=12578", "type": "nessus", "title": "FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (113)", "sourceData": "# @DEPRECATED@\n#\n# This script has been deprecated by freebsd_pkg_c2e1036877ab11d8b9e800e04ccb0a62.nasl.\n#\n# Disabled on 2011/10/02.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# This script contains information extracted from VuXML :\n#\n# Copyright 2003-2006 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n#\n#\n\ninclude('compat.inc');\n\nif ( description )\n{\n script_id(12578);\n script_version(\"$Revision: 1.21 $\");\n script_bugtraq_id(9885);\n\n script_name(english:\"FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (113)\");\n\nscript_set_attribute(attribute:'synopsis', value: 'The remote host is missing a security update');\nscript_set_attribute(attribute:'description', value:'The following package needs to be updated: mod_security');\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\nscript_set_attribute(attribute:'solution', value: 'Update the package on the remote host');\nscript_set_attribute(attribute: 'see_also', value: 'http://fedoralegacy.org/updates/RH7.3/2004-10-23-FLSA_2004_1947__Updated_glibc_packages_fix_flaws.html\nhttp://mozillanews.org/?article_date=2004-12-08+06-48-46\nhttp://rhn.redhat.com/errata/RHSA-2004-059.html\nhttp://secunia.com/advisories/11138\nhttp://secunia.com/advisories/13129/\nhttp://secunia.com/advisories/13254/\nhttp://secunia.com/multiple_browsers_window_injection_vulnerability_test/\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-09.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-10.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-11.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-12.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-13.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-14.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-15.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-16.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-17.html\nhttp://www.s-quadra.com/advisories/Adv-20040315.txt\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=103638\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=273699');\nscript_set_attribute(attribute:'see_also', value: 'http://www.FreeBSD.org/ports/portaudit/c2e10368-77ab-11d8-b9e8-00e04ccb0a62.html');\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2004/07/06\");\n script_cvs_date(\"$Date: 2011/10/03 00:48:25 $\");\n script_end_attributes();\n script_cve_id(\"CVE-2004-1765\");\n script_summary(english:\"Check for mod_security\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2010 Tenable Network Security, Inc.\");\n family[\"english\"] = \"FreeBSD Local Security Checks\";\n script_family(english:family[\"english\"]);\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/FreeBSD/pkg_info\");\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"This plugin has been deprecated. Refer to plugin #37595 (freebsd_pkg_c2e1036877ab11d8b9e800e04ccb0a62.nasl) instead.\");\n\nglobal_var cvss_score;\ncvss_score=10;\ninclude('freebsd_package.inc');\n\n\npkg_test(pkg:\"mod_security<1.7.5\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}