GLSA-200404-16 : Multiple new security vulnerabilities in monit
2004-08-30T00:00:00
ID GENTOO_GLSA-200404-16.NASL Type nessus Reporter Tenable Modified 2018-12-18T00:00:00
Description
The remote host is affected by the vulnerability described in GLSA-200404-16 (Multiple new security vulnerabilities in monit)
Monit has several vulnerabilities in its HTTP interface : a buffer overflow vulnerability in the authentication handling code and a off-by-one error in the POST method handling code.
Impact :
An attacker may exploit the off-by-one error to crash the Monit daemon and create a denial of service condition, or cause a buffer overflow that would allow arbitrary code to be executed with root privileges.
Workaround :
A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200404-16.
#
# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#
include("compat.inc");
if (description)
{
script_id(14481);
script_version("1.11");
script_cvs_date("Date: 2018/12/18 10:18:58");
script_xref(name:"GLSA", value:"200404-16");
script_name(english:"GLSA-200404-16 : Multiple new security vulnerabilities in monit");
script_summary(english:"Checks for updated package(s) in /var/db/pkg");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Gentoo host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"The remote host is affected by the vulnerability described in GLSA-200404-16
(Multiple new security vulnerabilities in monit)
Monit has several vulnerabilities in its HTTP interface : a buffer overflow
vulnerability in the authentication handling code and a off-by-one error in
the POST method handling code.
Impact :
An attacker may exploit the off-by-one error to crash the Monit daemon and
create a denial of service condition, or cause a buffer overflow that would
allow arbitrary code to be executed with root privileges.
Workaround :
A workaround is not currently known for this issue. All users are advised
to upgrade to the latest version of the affected package."
);
# http://www.tildeslash.com/monit/secadv_20040305.txt
script_set_attribute(
attribute:"see_also",
value:"https://mmonit.com/monit/secadv_20040305.txt"
);
script_set_attribute(
attribute:"see_also",
value:"https://security.gentoo.org/glsa/200404-16"
);
script_set_attribute(
attribute:"solution",
value:
"Monit users should upgrade to version 4.2.1 or later:
# emerge sync
# emerge -pv '>=app-admin/monit-4.2.1'
# emerge '>=app-admin/monit-4.2.1'"
);
script_set_attribute(attribute:"risk_factor", value:"High");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:monit");
script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
script_set_attribute(attribute:"patch_publication_date", value:"2004/04/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/08/30");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Gentoo Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (qpkg_check(package:"app-admin/monit", unaffected:make_list("ge 4.2.1"), vulnerable:make_list("le 4.2"))) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = qpkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "app-admin/monit");
}
{"id": "GENTOO_GLSA-200404-16.NASL", "bulletinFamily": "scanner", "title": "GLSA-200404-16 : Multiple new security vulnerabilities in monit", "description": "The remote host is affected by the vulnerability described in GLSA-200404-16 (Multiple new security vulnerabilities in monit)\n\n Monit has several vulnerabilities in its HTTP interface : a buffer overflow vulnerability in the authentication handling code and a off-by-one error in the POST method handling code.\n Impact :\n\n An attacker may exploit the off-by-one error to crash the Monit daemon and create a denial of service condition, or cause a buffer overflow that would allow arbitrary code to be executed with root privileges.\n Workaround :\n\n A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.", "published": "2004-08-30T00:00:00", "modified": "2018-12-18T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=14481", "reporter": "Tenable", "references": ["https://security.gentoo.org/glsa/200404-16", "https://mmonit.com/monit/secadv_20040305.txt"], "cvelist": [], "type": "nessus", "lastseen": "2019-02-21T01:08:04", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:gentoo:linux:monit", "cpe:/o:gentoo:linux"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote host is affected by the vulnerability described in GLSA-200404-16 (Multiple new security vulnerabilities in monit)\n\n Monit has several vulnerabilities in its HTTP interface : a buffer overflow vulnerability in the authentication handling code and a off-by-one error in the POST method handling code.\n Impact :\n\n An attacker may exploit the off-by-one error to crash the Monit daemon and create a denial of service condition, or cause a buffer overflow that would allow arbitrary code to be executed with root privileges.\n Workaround :\n\n A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.", "edition": 3, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "a6fd83e3134551f5d1a4daca3fe22182f52ecdff0fdbbb0f9266f737b347d348", "hashmap": [{"hash": "4101951b7bafbcde278b39c97cffaf4d", "key": "cpe"}, {"hash": "0b765324c2200d7521a1d3f879e8bc53", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "3b0cc5f591dd5b8dacb0c8e01546b2b4", "key": "pluginID"}, {"hash": "1412fa026d63bbac0010b8dd06f9cbb9", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "98b8abc60d1a1ee8e1890c3a8b9f7300", "key": "sourceData"}, {"hash": "344b961a92f7e8a9977345479f0c0a2b", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f476ba8ff91f5bfcc79d4045d75f8605", "key": "references"}, {"hash": "acb69d2eb16c2374cdffe0a01eeb7447", "key": "href"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}, {"hash": "6ee761184a4ca30c3790b5abeaf8061b", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=14481", "id": "GENTOO_GLSA-200404-16.NASL", "lastseen": "2018-12-19T07:49:12", "modified": "2018-12-18T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.3", "pluginID": "14481", "published": "2004-08-30T00:00:00", "references": ["https://security.gentoo.org/glsa/200404-16", "https://mmonit.com/monit/secadv_20040305.txt"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200404-16.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14481);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/12/18 10:18:58\");\n\n script_xref(name:\"GLSA\", value:\"200404-16\");\n\n script_name(english:\"GLSA-200404-16 : Multiple new security vulnerabilities in monit\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200404-16\n(Multiple new security vulnerabilities in monit)\n\n Monit has several vulnerabilities in its HTTP interface : a buffer overflow\n vulnerability in the authentication handling code and a off-by-one error in\n the POST method handling code.\n \nImpact :\n\n An attacker may exploit the off-by-one error to crash the Monit daemon and\n create a denial of service condition, or cause a buffer overflow that would\n allow arbitrary code to be executed with root privileges.\n \nWorkaround :\n\n A workaround is not currently known for this issue. All users are advised\n to upgrade to the latest version of the affected package.\"\n );\n # http://www.tildeslash.com/monit/secadv_20040305.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://mmonit.com/monit/secadv_20040305.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200404-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Monit users should upgrade to version 4.2.1 or later:\n # emerge sync\n # emerge -pv '>=app-admin/monit-4.2.1'\n # emerge '>=app-admin/monit-4.2.1'\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:monit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-admin/monit\", unaffected:make_list(\"ge 4.2.1\"), vulnerable:make_list(\"le 4.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"app-admin/monit\");\n}\n", "title": "GLSA-200404-16 : Multiple new security vulnerabilities in monit", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 3, "lastseen": "2018-12-19T07:49:12"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:gentoo:linux:monit", "cpe:/o:gentoo:linux"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote host is affected by the vulnerability described in GLSA-200404-16\n(Multiple new security vulnerabilities in monit)\n\n Monit has several vulnerabilities in its HTTP interface : a buffer overflow\n vulnerability in the authentication handling code and a off-by-one error in\n the POST method handling code.\nImpact :\n\n An attacker may exploit the off-by-one error to crash the Monit daemon and\n create a denial of service condition, or cause a buffer overflow that would\n allow arbitrary code to be executed with root privileges.\nWorkaround :\n\n A workaround is not currently known for this issue. All users are advised\n to upgrade to the latest version of the affected package.", "edition": 4, "enchantments": {"dependencies": {"modified": "2019-01-16T20:05:36", "references": [{"idList": ["GENTOO_GLSA-200404-20.NASL", "GENTOO_GLSA-200404-06.NASL", "DEBIAN_DSA-486.NASL", "DEBIAN_DSA-425.NASL", "GENTOO_GLSA-200404-12.NASL", "MANDRAKE_MDKSA-2004-032.NASL", "DEBIAN_DSA-487.NASL", "FEDORA_2004-092.NASL", "REDHAT-RHSA-2003-317.NASL", "REDHAT-RHSA-2004-585.NASL"], "type": "nessus"}, {"idList": ["CVE-2004-0367", "CVE-2004-0372"], "type": "cve"}, {"idList": ["84237895-8F39-11D8-8B29-0020ED76EF5A", "8338A20F-9573-11D8-9366-0020ED76EF5A", "BFB36941-84FA-11D8-A41F-0020ED76EF5A", "0792E7A7-8E37-11D8-90D1-0020ED76EF5A"], "type": "freebsd"}]}, "score": {"value": 7.2, "vector": "NONE"}}, "hash": "3327838190c28cf5a579efc787efd62b4745d7ac433869ad7eef9e4e0d96689c", "hashmap": [{"hash": "4101951b7bafbcde278b39c97cffaf4d", "key": "cpe"}, {"hash": "0b765324c2200d7521a1d3f879e8bc53", "key": "modified"}, {"hash": "d2ea85ba093e5ce3cde27492a77a823d", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "3b0cc5f591dd5b8dacb0c8e01546b2b4", "key": "pluginID"}, {"hash": "1412fa026d63bbac0010b8dd06f9cbb9", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "98b8abc60d1a1ee8e1890c3a8b9f7300", "key": "sourceData"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f476ba8ff91f5bfcc79d4045d75f8605", "key": "references"}, {"hash": "acb69d2eb16c2374cdffe0a01eeb7447", "key": "href"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}, {"hash": "6ee761184a4ca30c3790b5abeaf8061b", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=14481", "id": "GENTOO_GLSA-200404-16.NASL", "lastseen": "2019-01-16T20:05:36", "modified": "2018-12-18T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.3", "pluginID": "14481", "published": "2004-08-30T00:00:00", "references": ["https://security.gentoo.org/glsa/200404-16", "https://mmonit.com/monit/secadv_20040305.txt"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200404-16.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14481);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/12/18 10:18:58\");\n\n script_xref(name:\"GLSA\", value:\"200404-16\");\n\n script_name(english:\"GLSA-200404-16 : Multiple new security vulnerabilities in monit\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200404-16\n(Multiple new security vulnerabilities in monit)\n\n Monit has several vulnerabilities in its HTTP interface : a buffer overflow\n vulnerability in the authentication handling code and a off-by-one error in\n the POST method handling code.\n \nImpact :\n\n An attacker may exploit the off-by-one error to crash the Monit daemon and\n create a denial of service condition, or cause a buffer overflow that would\n allow arbitrary code to be executed with root privileges.\n \nWorkaround :\n\n A workaround is not currently known for this issue. All users are advised\n to upgrade to the latest version of the affected package.\"\n );\n # http://www.tildeslash.com/monit/secadv_20040305.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://mmonit.com/monit/secadv_20040305.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200404-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Monit users should upgrade to version 4.2.1 or later:\n # emerge sync\n # emerge -pv '>=app-admin/monit-4.2.1'\n # emerge '>=app-admin/monit-4.2.1'\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:monit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-admin/monit\", unaffected:make_list(\"ge 4.2.1\"), vulnerable:make_list(\"le 4.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"app-admin/monit\");\n}\n", "title": "GLSA-200404-16 : Multiple new security vulnerabilities in monit", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 4, "lastseen": "2019-01-16T20:05:36"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote host is affected by the vulnerability described in GLSA-200404-16 (Multiple new security vulnerabilities in monit)\n\n Monit has several vulnerabilities in its HTTP interface : a buffer overflow vulnerability in the authentication handling code and a off-by-one error in the POST method handling code.\n Impact :\n\n An attacker may exploit the off-by-one error to crash the Monit daemon and create a denial of service condition, or cause a buffer overflow that would allow arbitrary code to be executed with root privileges.\n Workaround :\n\n A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.", "edition": 1, "enchantments": {}, "hash": "7ca3dc7ca7a4d0dcc958f3f11a181dad47f9ceddc8cb873ea3f047927cba15bb", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "3b0cc5f591dd5b8dacb0c8e01546b2b4", "key": "pluginID"}, {"hash": "001e1a699c109df42f4ef0fb111cff53", "key": "sourceData"}, {"hash": "1412fa026d63bbac0010b8dd06f9cbb9", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "326af443ca0c41e91daa171ff124ce60", "key": "modified"}, {"hash": "344b961a92f7e8a9977345479f0c0a2b", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "acb69d2eb16c2374cdffe0a01eeb7447", "key": "href"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}, {"hash": "dff471da633acf9e8e5a123d75e95c36", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "6ee761184a4ca30c3790b5abeaf8061b", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=14481", "id": "GENTOO_GLSA-200404-16.NASL", "lastseen": "2016-09-26T17:23:32", "modified": "2015-04-13T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.2", "pluginID": "14481", "published": "2004-08-30T00:00:00", "references": ["https://security.gentoo.org/glsa/200404-16", "http://www.tildeslash.com/monit/secadv_20040305.txt"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200404-16.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14481);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2015/04/13 13:34:21 $\");\n\n script_xref(name:\"GLSA\", value:\"200404-16\");\n\n script_name(english:\"GLSA-200404-16 : Multiple new security vulnerabilities in monit\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200404-16\n(Multiple new security vulnerabilities in monit)\n\n Monit has several vulnerabilities in its HTTP interface : a buffer overflow\n vulnerability in the authentication handling code and a off-by-one error in\n the POST method handling code.\n \nImpact :\n\n An attacker may exploit the off-by-one error to crash the Monit daemon and\n create a denial of service condition, or cause a buffer overflow that would\n allow arbitrary code to be executed with root privileges.\n \nWorkaround :\n\n A workaround is not currently known for this issue. All users are advised\n to upgrade to the latest version of the affected package.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.tildeslash.com/monit/secadv_20040305.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200404-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Monit users should upgrade to version 4.2.1 or later:\n # emerge sync\n # emerge -pv '>=app-admin/monit-4.2.1'\n # emerge '>=app-admin/monit-4.2.1'\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:monit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-admin/monit\", unaffected:make_list(\"ge 4.2.1\"), vulnerable:make_list(\"le 4.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"app-admin/monit\");\n}\n", "title": "GLSA-200404-16 : Multiple new security vulnerabilities in monit", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:23:32"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:gentoo:linux:monit", "cpe:/o:gentoo:linux"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote host is affected by the vulnerability described in GLSA-200404-16 (Multiple new security vulnerabilities in monit)\n\n Monit has several vulnerabilities in its HTTP interface : a buffer overflow vulnerability in the authentication handling code and a off-by-one error in the POST method handling code.\n Impact :\n\n An attacker may exploit the off-by-one error to crash the Monit daemon and create a denial of service condition, or cause a buffer overflow that would allow arbitrary code to be executed with root privileges.\n Workaround :\n\n A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.", "edition": 2, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "10382662cb3692bc854a319801a4dbc627da844755cedf721568926526fff0c4", "hashmap": [{"hash": "4101951b7bafbcde278b39c97cffaf4d", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "3b0cc5f591dd5b8dacb0c8e01546b2b4", "key": "pluginID"}, {"hash": "001e1a699c109df42f4ef0fb111cff53", "key": "sourceData"}, {"hash": "1412fa026d63bbac0010b8dd06f9cbb9", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "326af443ca0c41e91daa171ff124ce60", "key": "modified"}, {"hash": "344b961a92f7e8a9977345479f0c0a2b", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "acb69d2eb16c2374cdffe0a01eeb7447", "key": "href"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}, {"hash": "dff471da633acf9e8e5a123d75e95c36", "key": "references"}, {"hash": "6ee761184a4ca30c3790b5abeaf8061b", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=14481", "id": "GENTOO_GLSA-200404-16.NASL", "lastseen": "2017-10-29T13:34:31", "modified": "2015-04-13T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.3", "pluginID": "14481", "published": "2004-08-30T00:00:00", "references": ["https://security.gentoo.org/glsa/200404-16", "http://www.tildeslash.com/monit/secadv_20040305.txt"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200404-16.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14481);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2015/04/13 13:34:21 $\");\n\n script_xref(name:\"GLSA\", value:\"200404-16\");\n\n script_name(english:\"GLSA-200404-16 : Multiple new security vulnerabilities in monit\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200404-16\n(Multiple new security vulnerabilities in monit)\n\n Monit has several vulnerabilities in its HTTP interface : a buffer overflow\n vulnerability in the authentication handling code and a off-by-one error in\n the POST method handling code.\n \nImpact :\n\n An attacker may exploit the off-by-one error to crash the Monit daemon and\n create a denial of service condition, or cause a buffer overflow that would\n allow arbitrary code to be executed with root privileges.\n \nWorkaround :\n\n A workaround is not currently known for this issue. All users are advised\n to upgrade to the latest version of the affected package.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.tildeslash.com/monit/secadv_20040305.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200404-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Monit users should upgrade to version 4.2.1 or later:\n # emerge sync\n # emerge -pv '>=app-admin/monit-4.2.1'\n # emerge '>=app-admin/monit-4.2.1'\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:monit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-admin/monit\", unaffected:make_list(\"ge 4.2.1\"), vulnerable:make_list(\"le 4.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"app-admin/monit\");\n}\n", "title": "GLSA-200404-16 : Multiple new security vulnerabilities in monit", "type": "nessus", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:34:31"}], "edition": 5, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "4101951b7bafbcde278b39c97cffaf4d"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "344b961a92f7e8a9977345479f0c0a2b"}, {"key": "href", "hash": "acb69d2eb16c2374cdffe0a01eeb7447"}, {"key": "modified", "hash": "0b765324c2200d7521a1d3f879e8bc53"}, {"key": "naslFamily", "hash": "cf18d881f0f76f23f322ed3f861d3616"}, {"key": "pluginID", "hash": "3b0cc5f591dd5b8dacb0c8e01546b2b4"}, {"key": "published", "hash": "6ee761184a4ca30c3790b5abeaf8061b"}, {"key": "references", "hash": "f476ba8ff91f5bfcc79d4045d75f8605"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "98b8abc60d1a1ee8e1890c3a8b9f7300"}, {"key": "title", "hash": "1412fa026d63bbac0010b8dd06f9cbb9"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "a6fd83e3134551f5d1a4daca3fe22182f52ecdff0fdbbb0f9266f737b347d348", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:52469", "OPENVAS:52481", "OPENVAS:52455", "OPENVAS:52465"]}, {"type": "nessus", "idList": ["FEDORA_2004-487.NASL", "REDHAT-RHSA-2004-585.NASL", "DEBIAN_DSA-486.NASL", "DEBIAN_DSA-425.NASL", "DEBIAN_DSA-487.NASL", "GENTOO_GLSA-200404-06.NASL", "GENTOO_GLSA-200404-20.NASL", "GENTOO_GLSA-200404-19.NASL", "GENTOO_GLSA-200404-12.NASL", "MANDRAKE_MDKSA-2004-032.NASL"]}, {"type": "redhat", "idList": ["RHSA-2004:585"]}], "modified": "2019-02-21T01:08:04"}, "score": {"value": 7.2, "vector": "NONE"}, "vulnersScore": 7.2}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200404-16.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14481);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/12/18 10:18:58\");\n\n script_xref(name:\"GLSA\", value:\"200404-16\");\n\n script_name(english:\"GLSA-200404-16 : Multiple new security vulnerabilities in monit\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200404-16\n(Multiple new security vulnerabilities in monit)\n\n Monit has several vulnerabilities in its HTTP interface : a buffer overflow\n vulnerability in the authentication handling code and a off-by-one error in\n the POST method handling code.\n \nImpact :\n\n An attacker may exploit the off-by-one error to crash the Monit daemon and\n create a denial of service condition, or cause a buffer overflow that would\n allow arbitrary code to be executed with root privileges.\n \nWorkaround :\n\n A workaround is not currently known for this issue. All users are advised\n to upgrade to the latest version of the affected package.\"\n );\n # http://www.tildeslash.com/monit/secadv_20040305.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://mmonit.com/monit/secadv_20040305.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200404-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Monit users should upgrade to version 4.2.1 or later:\n # emerge sync\n # emerge -pv '>=app-admin/monit-4.2.1'\n # emerge '>=app-admin/monit-4.2.1'\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:monit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-admin/monit\", unaffected:make_list(\"ge 4.2.1\"), vulnerable:make_list(\"le 4.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"app-admin/monit\");\n}\n", "naslFamily": "Gentoo Local Security Checks", "pluginID": "14481", "cpe": ["p-cpe:/a:gentoo:linux:monit", "cpe:/o:gentoo:linux"], "scheme": null}
{"openvas": [{"lastseen": "2019-03-18T14:40:48", "bulletinFamily": "scanner", "description": "The remote host is missing an update as announced\nvia advisory SSA:2004-014-01.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231053949", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231053949", "title": "Slackware Advisory SSA:2004-014-01 kdepim security update", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2004_014_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.53949\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_bugtraq_id(9419);\n script_cve_id(\"CVE-2003-0988\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2004-014-01 kdepim security update\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(9\\.0|9\\.1)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-014-01\");\n\n script_tag(name:\"insight\", value:\"New kdepim packages are available for Slackware 9.0 and 9.1 to\nfix a security issue with .VCF file handling. For Slackware -current,\na complete upgrade to kde-3.1.5 is available.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2004-014-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"kde\", ver:\"3.1.3-i386-2\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"kde\", ver:\"3.1.3-i386-2\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"kdepim\", ver:\"3.1.4-i486-2\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-03-18T14:41:44", "bulletinFamily": "scanner", "description": "The remote host is missing an update as announced\nvia advisory SSA:2004-108-02.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231053940", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231053940", "title": "Slackware Advisory SSA:2004-108-02 cvs security update", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2004_108_02.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.53940\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2004-0180\", \"CVE-2004-0405\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2004-108-02 cvs security update\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(8\\.1|9\\.0|9\\.1)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-108-02\");\n\n script_tag(name:\"insight\", value:\"CVS is a client/server version control system. As a server, it\nis used to host source code repositories. As a client, it is\nused to access such repositories. This advisory affects both uses\nof CVS.\n\nA security problem which could allow a server to create arbitrary\nfiles on a client machine, and another security problem which may\nallow a client to view files outside of the CVS repository have\nbeen fixed with the release of cvs-1.11.15.\n\nAny sites running CVS should upgrade to the new CVS package.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2004-108-02.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"cvs\", ver:\"1.11.15-i386-1\", rls:\"SLK8.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"cvs\", ver:\"1.11.15-i386-1\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"cvs\", ver:\"1.11.15-i486-1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-02T21:10:16", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-10-05T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=52465", "id": "OPENVAS:52465", "title": "FreeBSD Ports: xine", "type": "openvas", "sourceData": "#\n#VID fde53204-7ea6-11d8-9645-0020ed76ef5a\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: xine\n\nThe installed version of xine creates temporary\nfiles in an insecure fashion, and is thus vulnerable\nto a symlink attack\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://marc.theaimsgroup.com/?l=bugtraq&m=107997911025558\nhttp://www.vuxml.org/freebsd/fde53204-7ea6-11d8-9645-0020ed76ef5a.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52465);\n script_version(\"$Revision: 4218 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-10-05 16:20:48 +0200 (Wed, 05 Oct 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(9939);\n script_cve_id(\"CVE-2004-0372\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"FreeBSD Ports: xine\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"xine\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.9.23_3\")<0) {\n txt += 'Package xine version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-02T21:10:12", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-16T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=52469", "id": "OPENVAS:52469", "title": "FreeBSD Ports: cvs+ipv6", "type": "openvas", "sourceData": "#\n#VID 0792e7a7-8e37-11d8-90d1-0020ed76ef5a\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: cvs+ipv6\n\nCVE-2004-0180\nThe client for CVS before 1.11 allows a remote malicious CVS server to\ncreate arbitrary files using certain RCS diff files that use absolute\npathnames during checkouts or updates, a different vulnerability than\nCVE-2004-0405.\n\nCVE-2004-0405\nCVS before 1.11 allows CVS clients to read arbitrary files via .. (dot\ndot) sequences in filenames via CVS client requests, a different\nvulnerability than CVE-2004-0180.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://ccvs.cvshome.org/servlets/NewsItemView?newsID=102\nhttp://www.vuxml.org/freebsd/0792e7a7-8e37-11d8-90d1-0020ed76ef5a.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52469);\n script_version(\"$Revision: 4078 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-16 07:34:17 +0200 (Fri, 16 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2004-0180\", \"CVE-2004-0405\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"FreeBSD Ports: cvs+ipv6\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"cvs+ipv6\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.11.5_1\")<=0) {\n txt += 'Package cvs+ipv6 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-02T21:10:13", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-28T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=52481", "id": "OPENVAS:52481", "title": "FreeBSD Ports: racoon", "type": "openvas", "sourceData": "#\n#VID ccd698df-8e20-11d8-90d1-0020ed76ef5a\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: racoon\n\nCVE-2004-0403\nRacoon before 20040408a allows remote attackers to cause a denial of\nservice (memory consumption) via an ISAKMP packet with a large length\nfield.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.kame.net/dev/cvsweb2.cgi/kame/kame/kame/racoon/isakmp.c.diff?r1=1.180&r2=1.181\nhttp://www.vuxml.org/freebsd/ccd698df-8e20-11d8-90d1-0020ed76ef5a.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52481);\n script_version(\"$Revision: 4164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-28 09:03:16 +0200 (Wed, 28 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(10172);\n script_cve_id(\"CVE-2004-0403\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: racoon\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"racoon\");\nif(!isnull(bver) && revcomp(a:bver, b:\"20040408a\")<0) {\n txt += 'Package racoon version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:19", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-28T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=52455", "id": "OPENVAS:52455", "title": "FreeBSD Ports: pwlib", "type": "openvas", "sourceData": "#\n#VID 27c331d5-64c7-11d8-80e3-0020ed76ef5a\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n pwlib\n asterisk\n openh323\n\nCVE-2004-0097\nMultiple vulnerabilities in PWLib before 1.6.0 allow remote attackers\nto cause a denial of service and possibly execute arbitrary code, as\ndemonstrated by the NISCC/OUSPG PROTOS test suite for the H.225\nprotocol.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.uniras.gov.uk/vuls/2004/006489/h323.htm\nhttp://www.ee.oulu.fi/research/ouspg/protos/testing/c07/h2250v4/index.html\nhttp://www.southeren.com/blog/archives/000055.html\nhttp://www.vuxml.org/freebsd/27c331d5-64c7-11d8-80e3-0020ed76ef5a.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52455);\n script_version(\"$Revision: 4164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-28 09:03:16 +0200 (Wed, 28 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2004-0097\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: pwlib\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"pwlib\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.5.0_5\")<0) {\n txt += 'Package pwlib version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"asterisk\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.7.2\")<=0) {\n txt += 'Package asterisk version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"openh323\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.12.0_4\")<0) {\n txt += 'Package openh323 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:08:17", "bulletinFamily": "scanner", "description": "Fix several buffer overflow problems that could be used as an exploit.\nFixes the following security advisories: CVE-2004-1011 CVE-2004-1012 CVE-2004-1013 CVE-2004-1015\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-07-19T00:00:00", "id": "FEDORA_2004-487.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15895", "published": "2004-12-02T00:00:00", "title": "Fedora Core 3 : cyrus-imapd-2.2.10-1.fc3 (2004-487)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2004-487.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15895);\n script_version (\"1.14\");\n script_cvs_date(\"Date: 2018/07/19 23:19:04\");\n\n script_xref(name:\"FEDORA\", value:\"2004-487\");\n\n script_name(english:\"Fedora Core 3 : cyrus-imapd-2.2.10-1.fc3 (2004-487)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix several buffer overflow problems that could be used as an exploit.\nFixes the following security advisories: CVE-2004-1011 CVE-2004-1012\nCVE-2004-1013 CVE-2004-1015\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2004-December/000462.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4d5096c6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cyrus-imapd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cyrus-imapd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cyrus-imapd-murder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cyrus-imapd-nntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cyrus-imapd-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-Cyrus\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 3.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC3\", reference:\"cyrus-imapd-2.2.10-1.fc3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"cyrus-imapd-devel-2.2.10-1.fc3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"cyrus-imapd-murder-2.2.10-1.fc3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"cyrus-imapd-nntp-2.2.10-1.fc3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"cyrus-imapd-utils-2.2.10-1.fc3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"perl-Cyrus-2.2.10-1.fc3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cyrus-imapd / cyrus-imapd-devel / cyrus-imapd-murder / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-02-21T01:08:15", "bulletinFamily": "scanner", "description": "An updated xchat package that fixes a stack-based buffer overflow in the SOCKSv5 proxy code.\n\nX-Chat is a graphical IRC chat client for the X Window System.\n\nA stack-based buffer overflow has been fixed in the SOCKSv5 proxy code. An attacker could create a malicious SOCKSv5 proxy server in such a way that X-Chat would execute arbitrary code if a victim configured X-Chat to use the proxy. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0409 to this issue.\n\nUsers of X-Chat should upgrade to this erratum package, which contains a backported security patch, and is not vulnerable to this issue.", "modified": "2018-11-15T00:00:00", "id": "REDHAT-RHSA-2004-585.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15633", "published": "2004-11-04T00:00:00", "title": "RHEL 2.1 / 3 : xchat (RHSA-2004:585)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2004:585. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15633);\n script_version (\"1.22\");\n script_cvs_date(\"Date: 2018/11/15 11:40:29\");\n\n script_cve_id(\"CVE-2004-0409\");\n script_xref(name:\"RHSA\", value:\"2004:585\");\n\n script_name(english:\"RHEL 2.1 / 3 : xchat (RHSA-2004:585)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated xchat package that fixes a stack-based buffer overflow in\nthe SOCKSv5 proxy code.\n\nX-Chat is a graphical IRC chat client for the X Window System.\n\nA stack-based buffer overflow has been fixed in the SOCKSv5 proxy\ncode. An attacker could create a malicious SOCKSv5 proxy server in\nsuch a way that X-Chat would execute arbitrary code if a victim\nconfigured X-Chat to use the proxy. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CVE-2004-0409\nto this issue.\n\nUsers of X-Chat should upgrade to this erratum package, which contains\na backported security patch, and is not vulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0409\"\n );\n # http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?591f5f7f\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2004:585\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xchat package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xchat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/11/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(2\\.1|3)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2004:585\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"xchat-1.8.9-1.21as.2\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"xchat-2.0.4-4.EL\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xchat\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:12", "bulletinFamily": "scanner", "description": "Multiple format string vulnerabilities were discovered in neon, an HTTP and WebDAV client library. These vulnerabilities could potentially be exploited by a malicious WebDAV server to execute arbitrary code with the privileges of the process using libneon.", "modified": "2018-07-20T00:00:00", "id": "DEBIAN_DSA-487.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15324", "published": "2004-09-29T00:00:00", "title": "Debian DSA-487-1 : neon - format string", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-487. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15324);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2018/07/20 2:17:11\");\n\n script_cve_id(\"CVE-2004-0179\");\n script_bugtraq_id(10136);\n script_xref(name:\"DSA\", value:\"487\");\n\n script_name(english:\"Debian DSA-487-1 : neon - format string\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple format string vulnerabilities were discovered in neon, an\nHTTP and WebDAV client library. These vulnerabilities could\npotentially be exploited by a malicious WebDAV server to execute\narbitrary code with the privileges of the process using libneon.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-487\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the current stable distribution (woody) these problems have been\nfixed in version 0.19.3-2woody3.\n\nWe recommend that you update your neon package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:neon\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"libneon-dev\", reference:\"0.19.3-2woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libneon19\", reference:\"0.19.3-2woody3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:11", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities were discovered in tcpdump, a tool for inspecting network traffic. If a vulnerable version of tcpdump attempted to examine a maliciously constructed packet, a number of buffer overflows could be exploited to crash tcpdump, or potentially execute arbitrary code with the privileges of the tcpdump process.\n\n - CAN-2003-1029 - infinite loop and memory consumption in processing L2TP packets\n - CAN-2003-0989, CAN-2004-0057 - infinite loops in processing ISAKMP packets\n\n - CAN-2004-0055 - segmentation fault caused by a RADIUS attribute with a large length value", "modified": "2018-07-20T00:00:00", "id": "DEBIAN_DSA-425.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15262", "published": "2004-09-29T00:00:00", "title": "Debian DSA-425-1 : tcpdump - multiple vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-425. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15262);\n script_version(\"1.27\");\n script_cvs_date(\"Date: 2018/07/20 2:17:11\");\n\n script_cve_id(\"CVE-2003-0989\", \"CVE-2003-1029\", \"CVE-2004-0055\", \"CVE-2004-0057\");\n script_bugtraq_id(9263, 9507);\n script_xref(name:\"CERT\", value:\"174086\");\n script_xref(name:\"CERT\", value:\"738518\");\n script_xref(name:\"CERT\", value:\"955526\");\n script_xref(name:\"DSA\", value:\"425\");\n\n script_name(english:\"Debian DSA-425-1 : tcpdump - multiple vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered in tcpdump, a tool for\ninspecting network traffic. If a vulnerable version of tcpdump\nattempted to examine a maliciously constructed packet, a number of\nbuffer overflows could be exploited to crash tcpdump, or potentially\nexecute arbitrary code with the privileges of the tcpdump process.\n\n - CAN-2003-1029 - infinite loop and memory consumption in\n processing L2TP packets\n - CAN-2003-0989, CAN-2004-0057 - infinite loops in\n processing ISAKMP packets\n\n - CAN-2004-0055 - segmentation fault caused by a RADIUS\n attribute with a large length value\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-425\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the current stable distribution (woody) these problems have been\nfixed in version 3.6.2-2.7.\n\n\nWe recommend that you update your tcpdump package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"tcpdump\", reference:\"3.6.2-2.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:12", "bulletinFamily": "scanner", "description": "Two vulnerabilities have been discovered and fixed in CVS :\n\n - CAN-2004-0180 Sebastian Krahmer discovered a vulnerability whereby a malicious CVS pserver could create arbitrary files on the client system during an update or checkout operation, by supplying absolute pathnames in RCS diffs.\n\n - CAN-2004-0405\n\n Derek Robert Price discovered a vulnerability whereby a CVS pserver could be abused by a malicious client to view the contents of certain files outside of the CVS root directory using relative pathnames containing '../'.", "modified": "2018-07-20T00:00:00", "id": "DEBIAN_DSA-486.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15323", "published": "2004-09-29T00:00:00", "title": "Debian DSA-486-1 : cvs - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-486. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15323);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2018/07/20 2:17:11\");\n\n script_cve_id(\"CVE-2004-0180\", \"CVE-2004-0405\");\n script_bugtraq_id(10138, 10140);\n script_xref(name:\"DSA\", value:\"486\");\n\n script_name(english:\"Debian DSA-486-1 : cvs - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two vulnerabilities have been discovered and fixed in CVS :\n\n - CAN-2004-0180\n Sebastian Krahmer discovered a vulnerability whereby a\n malicious CVS pserver could create arbitrary files on\n the client system during an update or checkout\n operation, by supplying absolute pathnames in RCS diffs.\n\n - CAN-2004-0405\n\n Derek Robert Price discovered a vulnerability whereby a\n CVS pserver could be abused by a malicious client to\n view the contents of certain files outside of the CVS\n root directory using relative pathnames containing\n '../'.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-486\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the current stable distribution (woody) these problems have been\nfixed in version 1.11.1p1debian-9woody2.\n\nWe recommend that you update your cvs package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"cvs\", reference:\"1.11.1p1debian-9woody2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-02-21T01:08:04", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200404-12 (Scorched 3D server chat box format string vulnerability)\n\n Scorched 3D (build 36.2 and before) does not properly check the text entered in the Chat box (T key). Using format string characters, you can generate a heap overflow. This and several other unchecked buffers have been corrected in the build 37 release.\n Impact :\n\n This vulnerability can be easily exploited to remotely crash the Scorched 3D server, disconnecting all clients. It could also theoretically be used to execute arbitrary code on the server with the rights of the user running the server.\n Workaround :\n\n A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.", "modified": "2016-10-05T00:00:00", "id": "GENTOO_GLSA-200404-12.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14477", "published": "2004-08-30T00:00:00", "title": "GLSA-200404-12 : Scorched 3D server chat box format string vulnerability", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200404-12.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14477);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2016/10/05 13:32:57 $\");\n\n script_xref(name:\"GLSA\", value:\"200404-12\");\n\n script_name(english:\"GLSA-200404-12 : Scorched 3D server chat box format string vulnerability\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200404-12\n(Scorched 3D server chat box format string vulnerability)\n\n Scorched 3D (build 36.2 and before) does not properly check the text\n entered in the Chat box (T key). Using format string characters, you can\n generate a heap overflow. This and several other unchecked buffers have\n been corrected in the build 37 release.\n \nImpact :\n\n This vulnerability can be easily exploited to remotely crash the Scorched\n 3D server, disconnecting all clients. It could also theoretically be used to\n execute arbitrary code on the server with the rights of the user running\n the server.\n \nWorkaround :\n\n A workaround is not currently known for this issue. All users are advised\n to upgrade to the latest version of the affected package.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200404-12\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Scorched 3D users should upgrade to version 37 or later:\n # emerge sync\n # emerge -pv '>=games-strategy/scorched3d-37'\n # emerge '>=games-strategy/scorched3d-37'\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:scorched3d\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"games-strategy/scorched3d\", unaffected:make_list(\"ge 37\"), vulnerable:make_list(\"lt 37\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"games-strategy/scorched3d\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-02-21T01:08:04", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200404-19 (Buffer overflows and format string vulnerabilities in LCDproc)\n\n Due to insufficient checking of client-supplied data, the LCDd server is susceptible to two buffer overflows and one string buffer vulnerability. If the server is configured to listen on all network interfaces (see the Bind parameter in LCDproc configuration), these vulnerabilities can be triggered remotely.\n Impact :\n\n These vulnerabilities allow an attacker to execute code with the rights of the user running the LCDproc server. By default, this is the 'nobody' user.\n Workaround :\n\n A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.", "modified": "2018-08-10T00:00:00", "id": "GENTOO_GLSA-200404-19.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14484", "published": "2004-08-30T00:00:00", "title": "GLSA-200404-19 : Buffer overflows and format string vulnerabilities in LCDproc", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200404-19.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14484);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/08/10 18:07:05\");\n\n script_xref(name:\"GLSA\", value:\"200404-19\");\n\n script_name(english:\"GLSA-200404-19 : Buffer overflows and format string vulnerabilities in LCDproc\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200404-19\n(Buffer overflows and format string vulnerabilities in LCDproc)\n\n Due to insufficient checking of client-supplied data, the LCDd server is\n susceptible to two buffer overflows and one string buffer vulnerability. If\n the server is configured to listen on all network interfaces (see the Bind\n parameter in LCDproc configuration), these vulnerabilities can be triggered\n remotely.\n \nImpact :\n\n These vulnerabilities allow an attacker to execute code with the rights of\n the user running the LCDproc server. By default, this is the 'nobody' user.\n \nWorkaround :\n\n A workaround is not currently known for this issue. All users are advised\n to upgrade to the latest version of the affected package.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.omnipotent.net/pipermail/lcdproc/2004-April/008884.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200404-19\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"LCDproc users should upgrade to version 0.4.5 or later:\n # emerge sync\n # emerge -pv '>=app-misc/lcdproc-0.4.5'\n # emerge '>=app-misc/lcdproc-0.4.5'\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"Medium\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:lcdproc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/30\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/04/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-misc/lcdproc\", unaffected:make_list(\"ge 0.4.5\"), vulnerable:make_list(\"le 0.4.4-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"app-misc/lcdproc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-02-21T01:08:04", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200404-06 (Util-linux login may leak sensitive data)\n\n In some situations the login program could leak sensitive data due to an incorrect usage of a reallocated pointer.\n\tNOTE: Only users who have PAM support disabled on their \tsystems (i.e. -PAM in their USE variable) will be affected by this \tvulnerability. By default, this USE flag is enabled on all \tarchitectures. Users with PAM support on their system receive login binaries \tas part of the pam-login package, which remains unaffected.\n Impact :\n\n A remote attacker may obtain sensitive data.\n Workaround :\n\n A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.", "modified": "2015-04-13T00:00:00", "id": "GENTOO_GLSA-200404-06.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14471", "published": "2004-08-30T00:00:00", "title": "GLSA-200404-06 : Util-linux login may leak sensitive data", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200404-06.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14471);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2015/04/13 13:34:21 $\");\n\n script_cve_id(\"CVE-2004-0080\");\n script_xref(name:\"GLSA\", value:\"200404-06\");\n\n script_name(english:\"GLSA-200404-06 : Util-linux login may leak sensitive data\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200404-06\n(Util-linux login may leak sensitive data)\n\n In some situations the login program could leak sensitive data due to an\n incorrect usage of a reallocated pointer.\n\tNOTE: Only users who have PAM support disabled on their\n\tsystems (i.e. -PAM in their USE variable) will be affected by this\n\tvulnerability. By default, this USE flag is enabled on all\n\tarchitectures. Users with PAM support on their system receive login binaries\n\tas part of the pam-login package, which remains unaffected.\n \nImpact :\n\n A remote attacker may obtain sensitive data.\n \nWorkaround :\n\n A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200404-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All util-linux users should upgrade to version 2.12 or later:\n # emerge sync\n\t# emerge -pv '>=sys-apps/util-linux-2.12'\n # emerge '>=sys-apps/util-linux-2.12'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:util-linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"sys-apps/util-linux\", unaffected:make_list(\"ge 2.12\"), vulnerable:make_list(\"le 2.11\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sys-apps/util-linux\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-02-21T01:08:04", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200404-20 (Multiple vulnerabilities in xine)\n\n Several vulnerabilities were found in xine-ui and xine-lib. By opening a malicious MRL in any xine-lib based media player, an attacker can write arbitrary content to an arbitrary file, only restricted by the permissions of the user running the application. By opening a malicious playlist in the xine-ui media player, an attacker can write arbitrary content to an arbitrary file, only restricted by the permissions of the user running xine-ui. Finally, a temporary file is created in an insecure manner by the xine-check and xine-bugreport scripts, potentially allowing a local attacker to use a symlink attack.\n Impact :\n\n These three vulnerabilities may allow an attacker to corrupt system files, thus potentially leading to a Denial of Service. It is also theoretically possible, though very unlikely, to use these vulnerabilities to elevate the privileges of the attacker.\n Workaround :\n\n There is no known workaround at this time. All users are advised to upgrade to the latest available versions of xine-ui and xine-lib.", "modified": "2018-08-10T00:00:00", "id": "GENTOO_GLSA-200404-20.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14485", "published": "2004-08-30T00:00:00", "title": "GLSA-200404-20 : Multiple vulnerabilities in xine", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200404-20.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14485);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/08/10 18:07:05\");\n\n script_cve_id(\"CVE-2004-0372\", \"CVE-2004-1951\");\n script_xref(name:\"GLSA\", value:\"200404-20\");\n\n script_name(english:\"GLSA-200404-20 : Multiple vulnerabilities in xine\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200404-20\n(Multiple vulnerabilities in xine)\n\n Several vulnerabilities were found in xine-ui and xine-lib. By opening\n a malicious MRL in any xine-lib based media player, an attacker can\n write arbitrary content to an arbitrary file, only restricted by the\n permissions of the user running the application. By opening a malicious\n playlist in the xine-ui media player, an attacker can write arbitrary\n content to an arbitrary file, only restricted by the permissions of the\n user running xine-ui. Finally, a temporary file is created in an\n insecure manner by the xine-check and xine-bugreport scripts,\n potentially allowing a local attacker to use a symlink attack.\n \nImpact :\n\n These three vulnerabilities may allow an attacker to corrupt system\n files, thus potentially leading to a Denial of Service. It is also\n theoretically possible, though very unlikely, to use these\n vulnerabilities to elevate the privileges of the attacker.\n \nWorkaround :\n\n There is no known workaround at this time. All users are advised to\n upgrade to the latest available versions of xine-ui and xine-lib.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://xinehq.de/index.php/security\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://nettwerked.mg2.org/advisories/xinebug\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200404-20\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All users of xine-ui or another xine-based player should upgrade to the\n latest stable versions:\n # emerge sync\n # emerge -pv '>=media-video/xine-ui-0.9.23-r2'\n # emerge '>=media-video/xine-ui-0.9.23-r2'\n # emerge -pv '>=media-libs/xine-lib-1_rc3-r3'\n # emerge '>=media-libs/xine-lib-1_rc3-r3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xine-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/30\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/04/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-video/xine-ui\", unaffected:make_list(\"ge 0.9.23-r2\"), vulnerable:make_list(\"le 0.9.23-r1\"))) flag++;\nif (qpkg_check(package:\"media-libs/xine-lib\", unaffected:make_list(\"ge 1_rc3-r3\"), vulnerable:make_list(\"le 1_rc3-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"media-video/xine-ui / media-libs/xine-lib\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-02-21T01:08:01", "bulletinFamily": "scanner", "description": "A number of various format string vulnerabilities were discovered in the error output handling of Neon, the HTTP and WebDAV client library, by Thomas Wana. These problems affect all versions of Neon from 0.19.0 up to and including 0.24.4.\n\nAll users are encouraged to upgrade. All client software using this library is affected.", "modified": "2018-07-19T00:00:00", "id": "MANDRAKE_MDKSA-2004-032.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14131", "published": "2004-07-31T00:00:00", "title": "Mandrake Linux Security Advisory : libneon (MDKSA-2004:032)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2004:032. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14131);\n script_version (\"1.15\");\n script_cvs_date(\"Date: 2018/07/19 20:59:13\");\n\n script_cve_id(\"CVE-2004-0179\");\n script_xref(name:\"MDKSA\", value:\"2004:032\");\n\n script_name(english:\"Mandrake Linux Security Advisory : libneon (MDKSA-2004:032)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of various format string vulnerabilities were discovered in\nthe error output handling of Neon, the HTTP and WebDAV client library,\nby Thomas Wana. These problems affect all versions of Neon from 0.19.0\nup to and including 0.24.4.\n\nAll users are encouraged to upgrade. All client software using this\nlibrary is affected.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64neon0.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64neon0.24-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64neon0.24-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libneon0.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libneon0.24-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libneon0.24-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libneon0.24-0.24.5-0.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libneon0.24-devel-0.24.5-0.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libneon0.24-static-devel-0.24.5-0.1.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64neon0.24-0.24.5-0.1.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64neon0.24-devel-0.24.5-0.1.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64neon0.24-static-devel-0.24.5-0.1.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libneon0.24-0.24.5-0.1.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libneon0.24-devel-0.24.5-0.1.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libneon0.24-static-devel-0.24.5-0.1.92mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-03-22T21:13:50", "bulletinFamily": "unix", "description": "X-Chat is a graphical IRC chat client for the X Window System.\n\nA stack buffer overflow has been fixed in the SOCKSv5 proxy code.\nAn attacker could create a malicious SOCKSv5 proxy server in such a way\nthat X-Chat would execute arbitrary code if a victim configured X-Chat to\nuse the proxy. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2004-0409 to this issue.\n\nUsers of X-Chat should upgrade to this erratum package, which contains a\nbackported security patch, and is not vulnerable to this issue.", "modified": "2019-03-22T23:43:37", "published": "2004-10-27T04:00:00", "id": "RHSA-2004:585", "href": "https://access.redhat.com/errata/RHSA-2004:585", "type": "redhat", "title": "(RHSA-2004:585) xchat security update", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
