The remote host is affected by the vulnerability described in GLSA-201206-26 (RPM: Multiple vulnerabilities)
Multiple vulnerabilities have been found in RPM:
fsm.c fails to properly strip setuid and setgid bits from executable files during a package upgrade (CVE-2010-2059).
RPM does not properly parse spec files (CVE-2010-2197).
fsm.c fails to properly strip POSIX file capabilities from executable files during a package upgrade or removal (CVE-2010-2198).
fsm.c fails to properly strip POSIX ACLs from executable files during a package upgrade or removal (CVE-2010-2199).
header.c does not properly parse region offsets in package files (CVE-2011-3378).
RPM does not properly sanitize region tags in package headers (CVE-2012-0060).
RPM does not properly sanitize region sizes in package headers (CVE-2012-0061).
RPM does not properly sanitize region offsets in package headers (CVE-2012-0815).
Impact :
A local attacker may be able to gain elevated privileges. Furthermore, a remote attacker could entice a user to open a specially crafted RPM package, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
Workaround :
There is no known workaround at this time.
Solution :
All RPM users should upgrade to the latest version:
  # emerge --sync
  # emerge --ask --oneshot --verbose '>=app-arch/rpm-4.9.1.3'
See also :
https://security.gentoo.org/glsa/201206-26
Plugin details :
Nessus plugin ID 59679 (GENTOO_GLSA-201206-26.NASL), family "Gentoo Local Security Checks", published 2012-06-25, last modified 2021-01-06.
The check flags app-arch/rpm versions lower than 4.9.1.3 as vulnerable.
CVSS v2 base score 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C), Nessus severity High. No known exploits are available.
2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|11\\.10|10\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"rpm\", ver:\"4.9.1.1-1ubuntu0.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"rpm\", ver:\"4.9.0-7ubuntu0.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"rpm\", ver:\"4.7.2-1lubuntu0.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-03T10:57:26", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for rpm FEDORA-2012-5420", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060", "CVE-2011-3378"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:864171", "href": "http://plugins.openvas.org/nasl.php?oid=864171", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpm FEDORA-2012-5420\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can 
redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpm on Fedora 15\";\ntag_insight = \"The RPM Package Manager (RPM) is a powerful command line driven\n package management system capable of installing, uninstalling,\n verifying, querying, and updating software packages. Each software\n package consists of an archive of files along with information about\n the package like its version, a description, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html\");\n script_id(864171);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:53:19 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\", \"CVE-2011-3378\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-5420\");\n script_name(\"Fedora Update for rpm FEDORA-2012-5420\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version 
of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.9.1.3~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for rpm CESA-2012:0451 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881091", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for rpm CESA-2012:0451 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later 
version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-April/018550.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881091\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:07:08 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:0451\");\n script_name(\"CentOS Update for rpm CESA-2012:0451 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rpm'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"rpm on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The RPM Package 
Manager (RPM) is a command-line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way RPM parsed package file headers. An\n attacker could create a specially-crafted RPM package that, when its\n package header was accessed, or during package signature verification,\n could cause an application using the RPM library (such as the rpm command\n line tool, or the yum and up2date package managers) to crash or,\n potentially, execute arbitrary code. (CVE-2012-0060, CVE-2012-0061,\n CVE-2012-0815)\n\n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network are protected by the use of a\n secure HTTPS connection in addition to the RPM package signature checks.\n\n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. 
All running applications linked\n against the RPM library must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-cron\", rpm:\"rpm-cron~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-03T00:00:00", "type": "openvas", "title": "Mandriva Update for rpm MDVSA-2012:056 (rpm)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2018-11-16T00:00:00", "id": 
"OPENVAS:1361412562310831592", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831592", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpm MDVSA-2012:056 (rpm)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:056\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831592\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-03 09:52:19 +0530 (Fri, 03 Aug 2012)\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:056\");\n script_name(\"Mandriva Update for rpm MDVSA-2012:056 (rpm)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 
'rpm'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5\\.2|2010\\.1)\");\n script_tag(name:\"affected\", value:\"rpm on Mandriva Enterprise Server 5.2,\n Mandriva Linux 2010.1\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in the way RPM parsed package file\n headers. An attacker could create a specially-crafted RPM package that,\n when its package header was accessed, or during package signature\n verification, could cause an application using the RPM library\n to crash or, potentially, execute arbitrary code (CVE-2012-0060,\n CVE-2012-0061, CVE-2012-0815).\n\n The updated packages have been patched to correct this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.6mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.6mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.6mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.6mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.6mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"librpm4.6\", rpm:\"librpm4.6~4.6.0~14.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.6.0~14.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.6.0~14.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.6.0~14.3mnb2\", 
rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.6.0~14.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.6\", rpm:\"lib64rpm4.6~4.6.0~14.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.6.0~14.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for rpm FEDORA-2012-5298", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864318", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864318", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpm FEDORA-2012-5298\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864318\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:02:14 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-5298\");\n script_name(\"Fedora Update for rpm FEDORA-2012-5298\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rpm'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"rpm on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if 
((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.9.1.3~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:56:28", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for rpm CESA-2012:0451 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:881091", "href": "http://plugins.openvas.org/nasl.php?oid=881091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for rpm CESA-2012:0451 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command-line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way RPM parsed package file headers. An\n attacker could create a specially-crafted RPM package that, when its\n package header was accessed, or during package signature verification,\n could cause an application using the RPM library (such as the rpm command\n line tool, or the yum and up2date package managers) to crash or,\n potentially, execute arbitrary code. (CVE-2012-0060, CVE-2012-0061,\n CVE-2012-0815)\n \n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network are protected by the use of a\n secure HTTPS connection in addition to the RPM package signature checks.\n \n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. 
All running applications linked\n against the RPM library must be restarted for this update to take effect.\";\n\ntag_affected = \"rpm on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-April/018550.html\");\n script_id(881091);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:07:08 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0451\");\n script_name(\"CentOS Update for rpm CESA-2012:0451 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) 
!= NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-cron\", rpm:\"rpm-cron~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.8.0~19.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:03:11", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-61)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120587", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120587", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later 
version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120587\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:30:10 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-61)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library (such as the rpm command line tool, or the yum and up2date package managers) to crash or, potentially, execute arbitrary code. 
(CVE-2012-0060, CVE-2012-0061, CVE-2012-0815 )\");\n script_tag(name:\"solution\", value:\"Run yum update rpm to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-61.html\");\n script_cve_id(\"CVE-2012-0060\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.8.0~19.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.8.0~19.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpm-cron\", rpm:\"rpm-cron~4.8.0~19.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.8.0~19.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.8.0~19.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.8.0~19.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.8.0~19.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n 
if(!isnull(res = isrpmvuln(pkg:\"rpm-debuginfo\", rpm:\"rpm-debuginfo~4.8.0~19.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:57:50", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2012-04-05T00:00:00", "type": "openvas", "title": "RedHat Update for rpm RHSA-2012:0451-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:870580", "href": "http://plugins.openvas.org/nasl.php?oid=870580", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for rpm RHSA-2012:0451-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command-line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way RPM parsed package file headers. An\n attacker could create a specially-crafted RPM package that, when its\n package header was accessed, or during package signature verification,\n could cause an application using the RPM library (such as the rpm command\n line tool, or the yum and up2date package managers) to crash or,\n potentially, execute arbitrary code. (CVE-2012-0060, CVE-2012-0061,\n CVE-2012-0815)\n\n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network are protected by the use of a\n secure HTTPS connection in addition to the RPM package signature checks.\n\n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. All running applications linked\n against the RPM library must be restarted for this update to take effect.\";\n\ntag_affected = \"rpm on Red Hat Enterprise Linux (v. 
5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-April/msg00001.html\");\n script_id(870580);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-05 10:19:41 +0530 (Thu, 05 Apr 2012)\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_xref(name: \"RHSA\", value: \"2012:0451-01\");\n script_name(\"RedHat Update for rpm RHSA-2012:0451-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~28.el5_8\", 
rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-debuginfo\", rpm:\"rpm-debuginfo~4.4.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:58:11", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for rpm FEDORA-2012-5298", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:864318", "href": "http://plugins.openvas.org/nasl.php?oid=864318", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpm FEDORA-2012-5298\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is 
distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpm on Fedora 17\";\ntag_insight = \"The RPM Package Manager (RPM) is a powerful command line driven\n package management system capable of installing, uninstalling,\n verifying, querying, and updating software packages. Each software\n package consists of an archive of files along with information about\n the package like its version, a description, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html\");\n script_id(864318);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:02:14 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-5298\");\n script_name(\"Fedora Update for rpm FEDORA-2012-5298\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n 
script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.9.1.3~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2012:0451 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881143", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881143", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2012:0451 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the 
implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-April/018549.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881143\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:21:33 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:0451\");\n script_name(\"CentOS Update for popt CESA-2012:0451 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'popt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"popt on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The RPM Package Manager (RPM) is a command-line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple 
flaws were found in the way RPM parsed package file headers. An\n attacker could create a specially-crafted RPM package that, when its\n package header was accessed, or during package signature verification,\n could cause an application using the RPM library (such as the rpm command\n line tool, or the yum and up2date package managers) to crash or,\n potentially, execute arbitrary code. (CVE-2012-0060, CVE-2012-0061,\n CVE-2012-0815)\n\n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network are protected by the use of a\n secure HTTPS connection in addition to the RPM package signature checks.\n\n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. All running applications linked\n against the RPM library must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", 
rpm:\"rpm-devel~4.4.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for rpm FEDORA-2012-5421", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864170", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864170", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpm FEDORA-2012-5421\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864170\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:53:15 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_xref(name:\"FEDORA\", value:\"2012-5421\");\n script_name(\"Fedora Update for rpm FEDORA-2012-5421\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rpm'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"rpm on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n if 
((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.9.1.3~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-05T00:00:00", "type": "openvas", "title": "RedHat Update for rpm RHSA-2012:0451-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870580", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870580", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for rpm RHSA-2012:0451-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-April/msg00001.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870580\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-05 10:19:41 +0530 (Thu, 05 Apr 2012)\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_xref(name:\"RHSA\", value:\"2012:0451-01\");\n script_name(\"RedHat Update for rpm RHSA-2012:0451-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rpm'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"rpm on Red Hat Enterprise Linux (v. 
5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The RPM Package Manager (RPM) is a command-line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way RPM parsed package file headers. An\n attacker could create a specially-crafted RPM package that, when its\n package header was accessed, or during package signature verification,\n could cause an application using the RPM library (such as the rpm command\n line tool, or the yum and up2date package managers) to crash or,\n potentially, execute arbitrary code. (CVE-2012-0060, CVE-2012-0061,\n CVE-2012-0815)\n\n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network are protected by the use of a\n secure HTTPS connection in addition to the RPM package signature checks.\n\n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. 
All running applications linked\n against the RPM library must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-debuginfo\", rpm:\"rpm-debuginfo~4.4.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~28.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:57:44", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "openvas", "title": "Fedora Update for rpm FEDORA-2012-5421", "bulletinFamily": "scanner", 
"cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:864170", "href": "http://plugins.openvas.org/nasl.php?oid=864170", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpm FEDORA-2012-5421\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpm on Fedora 16\";\ntag_insight = \"The RPM Package Manager (RPM) is a powerful command line driven\n package management system capable of installing, uninstalling,\n verifying, querying, and updating software packages. 
Each software\n package consists of an archive of files along with information about\n the package like its version, a description, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html\");\n script_id(864170);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-23 11:53:15 +0530 (Mon, 23 Apr 2012)\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_xref(name: \"FEDORA\", value: \"2012-5421\");\n script_name(\"Fedora Update for rpm FEDORA-2012-5421\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.9.1.3~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": 
"AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:57:13", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2012-08-03T00:00:00", "type": "openvas", "title": "Mandriva Update for rpm MDVSA-2012:056 (rpm)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:831592", "href": "http://plugins.openvas.org/nasl.php?oid=831592", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpm MDVSA-2012:056 (rpm)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple flaws were found in the way RPM parsed package file\n headers. 
An attacker could create a specially-crafted RPM package that,\n when its package header was accessed, or during package signature\n verification, could cause an application using the RPM library\n to crash or, potentially, execute arbitrary code (CVE-2012-0060,\n CVE-2012-0061, CVE-2012-0815).\n\n The updated packages have been patched to correct this issue.\";\n\ntag_affected = \"rpm on Mandriva Enterprise Server 5.2,\n Mandriva Linux 2010.1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:056\");\n script_id(831592);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-03 09:52:19 +0530 (Fri, 03 Aug 2012)\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2012:056\");\n script_name(\"Mandriva Update for rpm MDVSA-2012:056 (rpm)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = 
get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.6mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.6mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.6mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.6mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.6mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", 
rpm:\"lib64rpm-devel~4.4.2.3~20.6mnb2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"librpm4.6\", rpm:\"librpm4.6~4.6.0~14.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.6.0~14.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.6.0~14.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.6.0~14.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.6.0~14.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.6\", rpm:\"lib64rpm4.6~4.6.0~14.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.6.0~14.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:57:20", "description": "Check for the Version of popt", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2012:0451 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:881143", "href": "http://plugins.openvas.org/nasl.php?oid=881143", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2012:0451 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command-line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way RPM parsed package file headers. An\n attacker could create a specially-crafted RPM package that, when its\n package header was accessed, or during package signature verification,\n could cause an application using the RPM library (such as the rpm command\n line tool, or the yum and up2date package managers) to crash or,\n potentially, execute arbitrary code. 
(CVE-2012-0060, CVE-2012-0061,\n CVE-2012-0815)\n \n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network are protected by the use of a\n secure HTTPS connection in addition to the RPM package signature checks.\n \n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. All running applications linked\n against the RPM library must be restarted for this update to take effect.\";\n\ntag_affected = \"popt on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-April/018549.html\");\n script_id(881143);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:21:33 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0451\");\n script_name(\"CentOS Update for popt CESA-2012:0451 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of popt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : 
tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~28.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:05", "description": "Oracle Linux Local Security Checks ELSA-2012-0451", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0451", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0815", "CVE-2012-0061", "CVE-2012-0060"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123944", "href": 
"http://plugins.openvas.org/nasl.php?oid=1361412562310123944", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0451.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123944\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:10:39 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0451\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0451 - rpm security update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0451\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0451.html\");\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~28.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~28.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~28.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~28.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~28.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-libs\", 
rpm:\"rpm-libs~4.4.2.3~28.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~28.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.8.0~19.el6_2.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.8.0~19.el6_2.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.8.0~19.el6_2.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-cron\", rpm:\"rpm-cron~4.8.0~19.el6_2.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.8.0~19.el6_2.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.8.0~19.el6_2.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.8.0~19.el6_2.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-14T11:48:37", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2010-07-12T00:00:00", "type": "openvas", "title": "Fedora Update for rpm FEDORA-2010-10617", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2059", "CVE-2010-2198"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:862229", "href": "http://plugins.openvas.org/nasl.php?oid=862229", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpm FEDORA-2010-10617\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpm on Fedora 12\";\ntag_insight = \"The RPM Package Manager (RPM) is a powerful command line driven\n package management system capable of installing, uninstalling,\n verifying, querying, and updating software packages. 
Each software\n package consists of an archive of files along with information about\n the package like its version, a description, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043749.html\");\n script_id(862229);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-12 11:56:20 +0200 (Mon, 12 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-10617\");\n script_cve_id(\"CVE-2010-2059\", \"CVE-2010-2198\");\n script_name(\"Fedora Update for rpm FEDORA-2010-10617\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.7.2~2.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": 
"AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:22", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2010-07-12T00:00:00", "type": "openvas", "title": "Fedora Update for rpm FEDORA-2010-10617", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2059", "CVE-2010-2198"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:1361412562310862229", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862229", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpm FEDORA-2010-10617\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpm on Fedora 12\";\ntag_insight = \"The RPM Package Manager (RPM) is a powerful command line driven\n package management system capable of installing, uninstalling,\n verifying, querying, and updating software packages. 
Each software\n package consists of an archive of files along with information about\n the package like its version, a description, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043749.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862229\");\n script_version(\"$Revision: 8266 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 08:28:32 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-12 11:56:20 +0200 (Mon, 12 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-10617\");\n script_cve_id(\"CVE-2010-2059\", \"CVE-2010-2198\");\n script_name(\"Fedora Update for rpm FEDORA-2010-10617\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.7.2~2.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": 
"AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:01", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2010-07-12T00:00:00", "type": "openvas", "title": "Fedora Update for rpm FEDORA-2010-9829", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2059", "CVE-2010-2198"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:862224", "href": "http://plugins.openvas.org/nasl.php?oid=862224", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpm FEDORA-2010-9829\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpm on Fedora 13\";\ntag_insight = \"The RPM Package Manager (RPM) is a powerful command line driven\n package management system capable of installing, uninstalling,\n verifying, querying, and updating software packages. 
Each software\n package consists of an archive of files along with information about\n the package like its version, a description, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043889.html\");\n script_id(862224);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-12 11:56:20 +0200 (Mon, 12 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-9829\");\n script_cve_id(\"CVE-2010-2059\", \"CVE-2010-2198\");\n script_name(\"Fedora Update for rpm FEDORA-2010-9829\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.8.1~2.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": 
"AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-22T13:05:29", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2010-07-12T00:00:00", "type": "openvas", "title": "Fedora Update for rpm FEDORA-2010-9829", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2059", "CVE-2010-2198"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:1361412562310862224", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862224", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpm FEDORA-2010-9829\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpm on Fedora 13\";\ntag_insight = \"The RPM Package Manager (RPM) is a powerful command line driven\n package management system capable of installing, uninstalling,\n verifying, querying, and updating software packages. 
Each software\n package consists of an archive of files along with information about\n the package like its version, a description, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043889.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862224\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-12 11:56:20 +0200 (Mon, 12 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-9829\");\n script_cve_id(\"CVE-2010-2059\", \"CVE-2010-2198\");\n script_name(\"Fedora Update for rpm FEDORA-2010-9829\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.8.1~2.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": 
"AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:43", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2011:1349 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881295", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881295", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2011:1349 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-October/018092.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881295\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:19:28 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3378\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:1349\");\n script_name(\"CentOS Update for popt CESA-2011:1349 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'popt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"popt on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way the RPM library parsed package\n headers. 
An attacker could create a specially-crafted RPM package that,\n when queried or installed, would cause rpm to crash or, potentially,\n execute arbitrary code. (CVE-2011-3378)\n\n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network remain secure due to certificate\n checks performed on the secure connection.\n\n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. All running applications linked\n against the RPM library must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-06T13:07:25", "description": "Check for the Version of popt", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2011:1349 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:881411", "href": "http://plugins.openvas.org/nasl.php?oid=881411", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2011:1349 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way the RPM library parsed package\n headers. An attacker could create a specially-crafted RPM package that,\n when queried or installed, would cause rpm to crash or, potentially,\n execute arbitrary code. (CVE-2011-3378)\n \n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network remain secure due to certificate\n checks performed on the secure connection.\n \n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. 
All running applications linked\n against the RPM library must be restarted for this update to take effect.\";\n\ntag_affected = \"popt on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-November/018160.html\");\n script_id(881411);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:48:59 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3378\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2011:1349\");\n script_name(\"CentOS Update for popt CESA-2011:1349 centos4 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of popt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.9.1~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:00", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "openvas", "title": "RedHat Update for rpm RHSA-2011:1349-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870498", "href": "http://plugins.openvas.org/nasl.php?oid=870498", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for rpm RHSA-2011:1349-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way the RPM library parsed package\n headers. An attacker could create a specially-crafted RPM package that,\n when queried or installed, would cause rpm to crash or, potentially,\n execute arbitrary code. (CVE-2011-3378)\n \n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network remain secure due to certificate\n checks performed on the secure connection.\n \n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. All running applications linked\n against the RPM library must be restarted for this update to take effect.\";\n\ntag_affected = \"rpm on Red Hat Enterprise Linux (v. 
5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-October/msg00000.html\");\n script_id(870498);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-10 16:05:48 +0200 (Mon, 10 Oct 2011)\");\n script_xref(name: \"RHSA\", value: \"2011:1349-01\");\n script_cve_id(\"CVE-2011-3378\");\n script_name(\"RedHat Update for rpm RHSA-2011:1349-01\");\n\n script_summary(\"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-debuginfo\", rpm:\"rpm-debuginfo~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.9.1~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.3.3~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.3.3~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-debuginfo\", rpm:\"rpm-debuginfo~4.3.3~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.3.3~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.3.3~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.3.3~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-03-17T23:04:00", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2011-14)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120488", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120488", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120488\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 11:26:54 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2011-14)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially-crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code. (CVE-2011-3378 )\");\n script_tag(name:\"solution\", value:\"Run yum update rpm to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2011-14.html\");\n script_cve_id(\"CVE-2011-3378\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") 
{\n if(!isnull(res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.8.0~16.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.8.0~16.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.8.0~16.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.8.0~16.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.8.0~16.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpm-cron\", rpm:\"rpm-cron~4.8.0~16.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.8.0~16.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rpm-debuginfo\", rpm:\"rpm-debuginfo~4.8.0~16.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:33", "description": "Check for the Version of popt", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2011:1349 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:881018", "href": "http://plugins.openvas.org/nasl.php?oid=881018", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2011:1349 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it 
and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way the RPM library parsed package\n headers. An attacker could create a specially-crafted RPM package that,\n when queried or installed, would cause rpm to crash or, potentially,\n execute arbitrary code. (CVE-2011-3378)\n \n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network remain secure due to certificate\n checks performed on the secure connection.\n \n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. 
All running applications linked\n against the RPM library must be restarted for this update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"popt on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-October/018091.html\");\n script_id(881018);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-10 16:05:48 +0200 (Mon, 10 Oct 2011)\");\n script_xref(name: \"CESA\", value: \"2011:1349\");\n script_cve_id(\"CVE-2011-3378\");\n script_name(\"CentOS Update for popt CESA-2011:1349 centos5 i386\");\n\n script_summary(\"Check for the Version of popt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n 
if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:55:52", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "openvas", "title": "Mandriva Update for rpm MDVSA-2011:143 (rpm)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831463", "href": "http://plugins.openvas.org/nasl.php?oid=831463", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpm MDVSA-2011:143 (rpm)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied 
warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple flaws were found in the way the RPM library parsed package\n headers. An attacker could create a specially-crafted RPM package that,\n when queried or installed, would cause rpm to crash or, potentially,\n execute arbitrary code (CVE-2011-3378).\n\n Additionally for Mandriva Linux 2009.0 and Mandriva Linux Enterprise\n Server 5 updated perl-URPM and lzma (xz v5) packages are being provided\n to support upgrading to Mandriva Linux 2011.\n \n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"rpm on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-10/msg00011.php\");\n script_id(831463);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-10 16:05:48 +0200 (Mon, 10 Oct 2011)\");\n script_xref(name: \"MDVSA\", value: \"2011:143\");\n script_cve_id(\"CVE-2011-3378\");\n script_name(\"Mandriva Update for rpm MDVSA-2011:143 (rpm)\");\n\n script_summary(\"Check for the Version of rpm\");\n 
script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"liblzma5\", rpm:\"liblzma5~5.0.0~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblzma-devel\", rpm:\"liblzma-devel~5.0.0~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-URPM\", rpm:\"perl-URPM~3.18.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.4mdvmes5.2\", 
rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xz\", rpm:\"xz~5.0.0~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma5\", rpm:\"lib64lzma5~5.0.0~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma-devel\", rpm:\"lib64lzma-devel~5.0.0~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"librpm4.6\", rpm:\"librpm4.6~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", 
rpm:\"librpm-devel~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.6\", rpm:\"lib64rpm4.6~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"liblzma5\", rpm:\"liblzma5~5.0.0~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblzma-devel\", rpm:\"liblzma-devel~5.0.0~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n 
exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-URPM\", rpm:\"perl-URPM~3.18.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xz\", rpm:\"xz~5.0.0~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma5\", rpm:\"lib64lzma5~5.0.0~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma-devel\", rpm:\"lib64lzma-devel~5.0.0~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) 
exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:55:52", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2011-10-14T00:00:00", "type": "openvas", "title": "Mandriva Update for rpm MDVA-2011:057 (rpm)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831467", "href": "http://plugins.openvas.org/nasl.php?oid=831467", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpm MDVA-2011:057 (rpm)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered the xz v5.0.0 (lzma) changes in MDVSA-2011:143\n were incomplete. This advisory upgrades the xz package to the 5.0.3\n version and the spec-helper package to the 0.30.5 version to be able\n to handle lzma files.\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. 
Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"rpm on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-10/msg00022.php\");\n script_id(831467);\n script_cve_id(\"CVE-2011-3378\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-14 14:22:41 +0200 (Fri, 14 Oct 2011)\");\n script_xref(name: \"MDVA\", value: \"2011:057\");\n script_name(\"Mandriva Update for rpm MDVA-2011:057 (rpm)\");\n\n script_summary(\"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"liblzma5\", rpm:\"liblzma5~5.0.3~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"liblzma-devel\", rpm:\"liblzma-devel~5.0.3~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"spec-helper\", rpm:\"spec-helper~0.30.5~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xz\", rpm:\"xz~5.0.3~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma5\", rpm:\"lib64lzma5~5.0.3~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma-devel\", rpm:\"lib64lzma-devel~5.0.3~0.1mdvmes5.2\", 
rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"liblzma5\", rpm:\"liblzma5~5.0.3~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblzma-devel\", rpm:\"liblzma-devel~5.0.3~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n 
}\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"spec-helper\", rpm:\"spec-helper~0.30.5~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xz\", rpm:\"xz~5.0.3~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma5\", rpm:\"lib64lzma5~5.0.3~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma-devel\", rpm:\"lib64lzma-devel~5.0.3~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": 
"2017-07-25T10:55:51", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2011-10-14T00:00:00", "type": "openvas", "title": "Fedora Update for rpm FEDORA-2011-13785", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863580", "href": "http://plugins.openvas.org/nasl.php?oid=863580", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpm FEDORA-2011-13785\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpm on Fedora 15\";\ntag_insight = \"The RPM Package Manager (RPM) is a powerful command line driven\n package management system capable of installing, uninstalling,\n verifying, querying, and updating software packages. 
Each software\n package consists of an archive of files along with information about\n the package like its version, a description, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067794.html\");\n script_id(863580);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-14 14:22:41 +0200 (Fri, 14 Oct 2011)\");\n script_xref(name: \"FEDORA\", value: \"2011-13785\");\n script_cve_id(\"CVE-2011-3378\");\n script_name(\"Fedora Update for rpm FEDORA-2011-13785\");\n\n script_summary(\"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.9.1.2~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, 
{"lastseen": "2017-07-25T10:55:53", "description": "Check for the Version of popt", "cvss3": {}, "published": "2011-11-11T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2011:1349 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:881031", "href": "http://plugins.openvas.org/nasl.php?oid=881031", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2011:1349 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way the RPM library parsed package\n headers. An attacker could create a specially-crafted RPM package that,\n when queried or installed, would cause rpm to crash or, potentially,\n execute arbitrary code. 
(CVE-2011-3378)\n\n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network remain secure due to certificate\n checks performed on the secure connection.\n\n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. All running applications linked\n against the RPM library must be restarted for this update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"popt on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-November/018159.html\");\n script_id(881031);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-11 09:54:13 +0530 (Fri, 11 Nov 2011)\");\n script_xref(name: \"CESA\", value: \"2011:1349\");\n script_cve_id(\"CVE-2011-3378\");\n script_name(\"CentOS Update for popt CESA-2011:1349 centos4 i386\");\n\n script_summary(\"Check for the Version of popt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", 
value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.9.1~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-08T12:56:17", "description": "Check for the Version of popt", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2011:1349 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:881295", "href": "http://plugins.openvas.org/nasl.php?oid=881295", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2011:1349 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone 
Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way the RPM library parsed package\n headers. An attacker could create a specially-crafted RPM package that,\n when queried or installed, would cause rpm to crash or, potentially,\n execute arbitrary code. (CVE-2011-3378)\n \n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network remain secure due to certificate\n checks performed on the secure connection.\n \n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. 
All running applications linked\n against the RPM library must be restarted for this update to take effect.\";\n\ntag_affected = \"popt on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-October/018092.html\");\n script_id(881295);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:19:28 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3378\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2011:1349\");\n script_name(\"CentOS Update for popt CESA-2011:1349 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of popt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2011:1349 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881411", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881411", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2011:1349 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program 
is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-November/018160.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881411\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:48:59 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3378\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:1349\");\n script_name(\"CentOS Update for popt CESA-2011:1349 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'popt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"popt on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, 
verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way the RPM library parsed package\n headers. An attacker could create a specially-crafted RPM package that,\n when queried or installed, would cause rpm to crash or, potentially,\n execute arbitrary code. (CVE-2011-3378)\n\n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network remain secure due to certificate\n checks performed on the secure connection.\n\n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. All running applications linked\n against the RPM library must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.9.1~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:40:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-11-11T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2011:1349 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881031", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881031", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2011:1349 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-November/018159.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881031\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-11 09:54:13 +0530 (Fri, 11 Nov 2011)\");\n script_xref(name:\"CESA\", value:\"2011:1349\");\n script_cve_id(\"CVE-2011-3378\");\n script_name(\"CentOS Update for popt CESA-2011:1349 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'popt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"popt on CentOS 4\");\n script_tag(name:\"insight\", value:\"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way the RPM library parsed package\n headers. 
An attacker could create a specially-crafted RPM package that,\n when queried or installed, would cause rpm to crash or, potentially,\n execute arbitrary code. (CVE-2011-3378)\n\n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network remain secure due to certificate\n checks performed on the secure connection.\n\n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. All running applications linked\n against the RPM library must be restarted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.9.1~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", 
rpm:\"rpm-python~4.3.3~35_nonptl.el4_8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:40:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2011:1349 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881018", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881018", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2011:1349 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-October/018091.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881018\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-10 16:05:48 +0200 (Mon, 10 Oct 2011)\");\n script_xref(name:\"CESA\", value:\"2011:1349\");\n script_cve_id(\"CVE-2011-3378\");\n script_name(\"CentOS Update for popt CESA-2011:1349 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'popt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"popt on CentOS 5\");\n script_tag(name:\"insight\", value:\"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way the RPM library parsed package\n headers. 
An attacker could create a specially-crafted RPM package that,\n when queried or installed, would cause rpm to crash or, potentially,\n execute arbitrary code. (CVE-2011-3378)\n\n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network remain secure due to certificate\n checks performed on the secure connection.\n\n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. All running applications linked\n against the RPM library must be restarted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~22.el5_7.2\", 
rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~22.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "openvas", "title": "RedHat Update for rpm RHSA-2011:1349-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870498", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870498", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for rpm RHSA-2011:1349-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-October/msg00000.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870498\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-10 16:05:48 +0200 (Mon, 10 Oct 2011)\");\n script_xref(name:\"RHSA\", value:\"2011:1349-01\");\n script_cve_id(\"CVE-2011-3378\");\n script_name(\"RedHat Update for rpm RHSA-2011:1349-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rpm'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(5|4)\");\n script_tag(name:\"affected\", value:\"rpm on Red Hat Enterprise Linux (v. 
5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n Multiple flaws were found in the way the RPM library parsed package\n headers. An attacker could create a specially-crafted RPM package that,\n when queried or installed, would cause rpm to crash or, potentially,\n execute arbitrary code. (CVE-2011-3378)\n\n Note: Although an RPM package can, by design, execute arbitrary code when\n installed, this issue would allow a specially-crafted RPM package to\n execute arbitrary code before its digital signature has been verified.\n Package downloads from the Red Hat Network remain secure due to certificate\n checks performed on the secure connection.\n\n All RPM users should upgrade to these updated packages, which contain a\n backported patch to correct these issues. 
All running applications linked\n against the RPM library must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-debuginfo\", rpm:\"rpm-debuginfo~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~22.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.9.1~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.3.3~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.3.3~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-debuginfo\", rpm:\"rpm-debuginfo~4.3.3~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.3.3~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.3.3~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.3.3~35_nonptl.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "openvas", "title": "Mandriva Update for rpm MDVSA-2011:143 (rpm)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831463", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831463", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpm MDVSA-2011:143 (rpm)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but 
WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-10/msg00011.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831463\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-10 16:05:48 +0200 (Mon, 10 Oct 2011)\");\n script_xref(name:\"MDVSA\", value:\"2011:143\");\n script_cve_id(\"CVE-2011-3378\");\n script_name(\"Mandriva Update for rpm MDVSA-2011:143 (rpm)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rpm'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1|2009\\.0)\");\n script_tag(name:\"affected\", value:\"rpm on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in the way the RPM library parsed 
package\n headers. An attacker could create a specially-crafted RPM package that,\n when queried or installed, would cause rpm to crash or, potentially,\n execute arbitrary code (CVE-2011-3378).\n\n Additionally for Mandriva Linux 2009.0 and Mandriva Linux Enterprise\n Server 5 updated perl-URPM and lzma (xz v5) packages are being provided\n to support upgrading to Mandriva Linux 2011.\n\n The updated packages have been patched to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"liblzma5\", rpm:\"liblzma5~5.0.0~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblzma-devel\", rpm:\"liblzma-devel~5.0.0~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-URPM\", rpm:\"perl-URPM~3.18.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xz\", rpm:\"xz~5.0.0~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma5\", rpm:\"lib64lzma5~5.0.0~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma-devel\", rpm:\"lib64lzma-devel~5.0.0~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.4.2.3~20.4mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"librpm4.6\", rpm:\"librpm4.6~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n 
}\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.6\", rpm:\"lib64rpm4.6~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.6.0~14.1mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"liblzma5\", rpm:\"liblzma5~5.0.0~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblzma-devel\", rpm:\"liblzma-devel~5.0.0~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perl-URPM\", rpm:\"perl-URPM~3.18.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xz\", rpm:\"xz~5.0.0~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma5\", rpm:\"lib64lzma5~5.0.0~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma-devel\", rpm:\"lib64lzma-devel~5.0.0~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.4.2.3~20.4mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n 
}\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-10-14T00:00:00", "type": "openvas", "title": "Mandriva Update for rpm MDVA-2011:057 (rpm)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831467", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831467", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpm MDVA-2011:057 (rpm)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-10/msg00022.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831467\");\n script_cve_id(\"CVE-2011-3378\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-14 14:22:41 +0200 (Fri, 14 Oct 2011)\");\n script_xref(name:\"MDVA\", value:\"2011:057\");\n script_name(\"Mandriva Update for rpm MDVA-2011:057 (rpm)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rpm'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2009\\.0)\");\n script_tag(name:\"affected\", value:\"rpm on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"It was discovered the xz v5.0.0 (lzma) changes in MDVSA-2011:143\n were incomplete. 
This advisory upgrades the xz package to the 5.0.3\n version and the spec-helper package to the 0.30.5 version to be able\n to handle lzma files.\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"liblzma5\", rpm:\"liblzma5~5.0.3~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblzma-devel\", rpm:\"liblzma-devel~5.0.3~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"spec-helper\", rpm:\"spec-helper~0.30.5~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xz\", rpm:\"xz~5.0.3~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma5\", rpm:\"lib64lzma5~5.0.3~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma-devel\", rpm:\"lib64lzma-devel~5.0.3~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.5mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.4.2.3~20.5mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"liblzma5\", rpm:\"liblzma5~5.0.3~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblzma-devel\", rpm:\"liblzma-devel~5.0.3~0.1mdv2009.0\", 
rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"spec-helper\", rpm:\"spec-helper~0.30.5~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xz\", rpm:\"xz~5.0.3~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma5\", rpm:\"lib64lzma5~5.0.3~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64lzma-devel\", rpm:\"lib64lzma-devel~5.0.3~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.4.2.3~20.5mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-10-14T00:00:00", "type": "openvas", "title": "Fedora Update for rpm FEDORA-2011-13785", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863580", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863580", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpm FEDORA-2011-13785\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067794.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863580\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-14 14:22:41 +0200 (Fri, 14 Oct 2011)\");\n script_xref(name:\"FEDORA\", value:\"2011-13785\");\n script_cve_id(\"CVE-2011-3378\");\n script_name(\"Fedora Update for rpm FEDORA-2011-13785\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rpm'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"rpm on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpm\", 
rpm:\"rpm~4.9.1.2~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for rpm FEDORA-2011-13766", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864047", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864047", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpm FEDORA-2011-13766\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067512.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864047\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:05:09 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3378\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-13766\");\n script_name(\"Fedora Update for rpm FEDORA-2011-13766\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rpm'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"rpm on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpm\", 
rpm:\"rpm~4.9.1.2~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-06T13:06:51", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for rpm FEDORA-2011-13766", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:864047", "href": "http://plugins.openvas.org/nasl.php?oid=864047", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpm FEDORA-2011-13766\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpm on Fedora 16\";\ntag_insight = \"The RPM Package Manager (RPM) is a powerful command line driven\n package management system capable of installing, uninstalling,\n verifying, querying, and updating software packages. 
Each software\n package consists of an archive of files along with information about\n the package like its version, a description, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067512.html\");\n script_id(864047);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:05:09 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3378\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-13766\");\n script_name(\"Fedora Update for rpm FEDORA-2011-13766\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.9.1.2~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": 
"AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:55", "description": "Oracle Linux Local Security Checks ELSA-2011-1349", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-1349", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3378"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122079", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122079", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-1349.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122079\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:12:43 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-1349\");\n script_tag(name:\"insight\", value:\"ELSA-2011-1349 - rpm security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-1349\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-1349.html\");\n script_cve_id(\"CVE-2011-3378\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~22.0.1.el5_7.2\", 
rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~22.0.1.el5_7.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~22.0.1.el5_7.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~22.0.1.el5_7.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~22.0.1.el5_7.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~22.0.1.el5_7.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~22.0.1.el5_7.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.8.0~16.el6_1.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.8.0~16.el6_1.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.8.0~16.el6_1.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-cron\", rpm:\"rpm-cron~4.8.0~16.el6_1.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.8.0~16.el6_1.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.8.0~16.el6_1.1\", rls:\"OracleLinux6\")) != NULL) {\n 
security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.8.0~16.el6_1.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-21T11:32:27", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2010-09-10T00:00:00", "type": "openvas", "title": "RedHat Update for rpm RHSA-2010:0679-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2059"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:1361412562310870322", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870322", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for rpm RHSA-2010:0679-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n It was discovered that RPM did not remove setuid and setgid bits set on\n binaries when upgrading packages. A local attacker able to create hard\n links to binaries could use this flaw to keep those binaries on the system,\n at a specific version level and with the setuid or setgid bit set, even if\n the package providing them was upgraded by a system administrator. This\n could have security implications if a package was upgraded because of a\n security flaw in a setuid or setgid program. (CVE-2010-2059)\n\n This update also fixes the following bug:\n\n * A memory leak in the communication between RPM and the Security-Enhanced\n Linux (SELinux) subsystem, which could have caused extensive memory\n consumption. In reported cases, this issue was triggered by running\n rhn_check when errata were scheduled to be applied. (BZ#627630)\n\n All users of rpm are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues.\";\n\ntag_affected = \"rpm on Red Hat Enterprise Linux (v. 
5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-September/msg00005.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870322\");\n script_version(\"$Revision: 8187 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 08:30:09 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-10 14:21:00 +0200 (Fri, 10 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2010:0679-01\");\n script_cve_id(\"CVE-2010-2059\");\n script_name(\"RedHat Update for rpm RHSA-2010:0679-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~20.el5_5.1\", 
rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-debuginfo\", rpm:\"rpm-debuginfo~4.4.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:34", "description": "Check for the Version of popt", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2010:0679 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2059"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880603", "href": "http://plugins.openvas.org/nasl.php?oid=880603", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2010:0679 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is 
distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n It was discovered that RPM did not remove setuid and setgid bits set on\n binaries when upgrading packages. A local attacker able to create hard\n links to binaries could use this flaw to keep those binaries on the system,\n at a specific version level and with the setuid or setgid bit set, even if\n the package providing them was upgraded by a system administrator. This\n could have security implications if a package was upgraded because of a\n security flaw in a setuid or setgid program. (CVE-2010-2059)\n \n This update also fixes the following bug:\n \n * A memory leak in the communication between RPM and the Security-Enhanced\n Linux (SELinux) subsystem, which could have caused extensive memory\n consumption. In reported cases, this issue was triggered by running\n rhn_check when errata were scheduled to be applied. 
(BZ#627630)\n \n All users of rpm are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"popt on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-September/016979.html\");\n script_id(880603);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0679\");\n script_cve_id(\"CVE-2010-2059\");\n script_name(\"CentOS Update for popt CESA-2010:0679 centos5 i386\");\n\n script_summary(\"Check for the Version of popt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:10:43", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2010-09-10T00:00:00", "type": "openvas", "title": "RedHat Update for rpm RHSA-2010:0679-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2059"], "modified": "2017-12-11T00:00:00", "id": "OPENVAS:870322", "href": "http://plugins.openvas.org/nasl.php?oid=870322", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for rpm RHSA-2010:0679-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY 
WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n It was discovered that RPM did not remove setuid and setgid bits set on\n binaries when upgrading packages. A local attacker able to create hard\n links to binaries could use this flaw to keep those binaries on the system,\n at a specific version level and with the setuid or setgid bit set, even if\n the package providing them was upgraded by a system administrator. This\n could have security implications if a package was upgraded because of a\n security flaw in a setuid or setgid program. (CVE-2010-2059)\n\n This update also fixes the following bug:\n\n * A memory leak in the communication between RPM and the Security-Enhanced\n Linux (SELinux) subsystem, which could have caused extensive memory\n consumption. In reported cases, this issue was triggered by running\n rhn_check when errata were scheduled to be applied. (BZ#627630)\n\n All users of rpm are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues.\";\n\ntag_affected = \"rpm on Red Hat Enterprise Linux (v. 
5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-September/msg00005.html\");\n script_id(870322);\n script_version(\"$Revision: 8068 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-11 07:31:34 +0100 (Mon, 11 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-10 14:21:00 +0200 (Fri, 10 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2010:0679-01\");\n script_cve_id(\"CVE-2010-2059\");\n script_name(\"RedHat Update for rpm RHSA-2010:0679-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-debuginfo\", rpm:\"rpm-debuginfo~4.4.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~20.el5_5.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2010:0679 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2059"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880603", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880603", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2010:0679 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is 
distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2010-September/016979.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880603\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2010:0679\");\n script_cve_id(\"CVE-2010-2059\");\n script_name(\"CentOS Update for popt CESA-2010:0679 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'popt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"popt on CentOS 5\");\n script_tag(name:\"insight\", value:\"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n It was discovered that RPM 
did not remove setuid and setgid bits set on\n binaries when upgrading packages. A local attacker able to create hard\n links to binaries could use this flaw to keep those binaries on the system,\n at a specific version level and with the setuid or setgid bit set, even if\n the package providing them was upgraded by a system administrator. This\n could have security implications if a package was upgraded because of a\n security flaw in a setuid or setgid program. (CVE-2010-2059)\n\n This update also fixes the following bug:\n\n * A memory leak in the communication between RPM and the Security-Enhanced\n Linux (SELinux) subsystem, which could have caused extensive memory\n consumption. In reported cases, this issue was triggered by running\n rhn_check when errata were scheduled to be applied. (BZ#627630)\n\n All users of rpm are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", 
rpm:\"rpm-devel~4.4.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~20.el5_5.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:13", "description": "Oracle Linux Local Security Checks ELSA-2010-0679", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0679", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2059"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122323", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122323", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0679.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122323\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:16:48 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0679\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0679 - rpm security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0679\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0679.html\");\n script_cve_id(\"CVE-2010-2059\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.10.2.3~20.el5_5.1\", 
rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.el5_5.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-apidocs\", rpm:\"rpm-apidocs~4.4.2.3~20.el5_5.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.el5_5.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.4.2.3~20.el5_5.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.4.2.3~20.el5_5.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.4.2.3~20.el5_5.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-06T13:05:06", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2010-09-22T00:00:00", "type": "openvas", "title": "Mandriva Update for rpm MDVSA-2010:180 (rpm)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:1361412562310831160", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831160", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpm MDVSA-2010:180 (rpm)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU 
General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in rpm:\n\n lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and\n RPM before 4.4.3, does not properly reset the metadata of an executable\n file during replacement of the file in an RPM package upgrade, which\n might allow local users to gain privileges by creating a hard link\n to a vulnerable (1) setuid or (2) setgid file (CVE-2010-2059).\n\n The updated packages have been patched to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"rpm on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-09/msg00014.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831160\");\n script_version(\"$Revision: 8274 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 08:28:17 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-22 08:32:53 +0200 (Wed, 22 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:180\");\n 
script_cve_id(\"CVE-2010-2059\", \"CVE-2005-4889\");\n script_name(\"Mandriva Update for rpm MDVSA-2010:180 (rpm)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", 
rpm:\"rpm~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-18T10:57:51", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2010-09-10T00:00:00", "type": "openvas", "title": "RedHat Update for rpm RHSA-2010:0678-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:870316", "href": "http://plugins.openvas.org/nasl.php?oid=870316", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for rpm RHSA-2010:0678-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of 
the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n It was discovered that RPM did not remove setuid and setgid bits set on\n binaries when upgrading or removing packages. A local attacker able to\n create hard links to binaries could use this flaw to keep those binaries on\n the system, at a specific version level and with the setuid or setgid bit\n set, even if the package providing them was upgraded or removed by a system\n administrator. This could have security implications if a package was\n upgraded or removed because of a security flaw in a setuid or setgid\n program. 
(CVE-2005-4889, CVE-2010-2059)\n\n All users of rpm are advised to upgrade to these updated packages, which\n contain a backported patch to correct these issues.\";\n\ntag_affected = \"rpm on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-September/msg00004.html\");\n script_id(870316);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-10 14:21:00 +0200 (Fri, 10 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2010:0678-01\");\n script_cve_id(\"CVE-2005-4889\", \"CVE-2010-2059\");\n script_name(\"RedHat Update for rpm RHSA-2010:0678-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.9.1~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != 
NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.3.3~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.3.3~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-debuginfo\", rpm:\"rpm-debuginfo~4.3.3~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.3.3~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.3.3~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.3.3~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-15T11:58:05", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2010-09-22T00:00:00", "type": "openvas", "title": "Mandriva Update for rpm MDVSA-2010:180 (rpm)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059"], "modified": "2017-12-15T00:00:00", "id": "OPENVAS:831160", "href": "http://plugins.openvas.org/nasl.php?oid=831160", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpm MDVSA-2010:180 (rpm)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under 
the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in rpm:\n\n lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and\n RPM before 4.4.3, does not properly reset the metadata of an executable\n file during replacement of the file in an RPM package upgrade, which\n might allow local users to gain privileges by creating a hard link\n to a vulnerable (1) setuid or (2) setgid file (CVE-2010-2059).\n\n The updated packages have been patched to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"rpm on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-09/msg00014.php\");\n script_id(831160);\n script_version(\"$Revision: 8130 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-22 08:32:53 +0200 (Wed, 22 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:180\");\n 
script_cve_id(\"CVE-2010-2059\", \"CVE-2005-4889\");\n script_name(\"Mandriva Update for rpm MDVSA-2010:180 (rpm)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", 
rpm:\"rpm~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.4.2.3~20.1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpopt0\", rpm:\"libpopt0~1.10.8~32.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpopt-devel\", rpm:\"libpopt-devel~1.10.8~32.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm4.4\", rpm:\"librpm4.4~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"popt-data\", rpm:\"popt-data~1.10.8~32.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt0\", rpm:\"lib64popt0~1.10.8~32.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64popt-devel\", rpm:\"lib64popt-devel~1.10.8~32.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.4\", rpm:\"lib64rpm4.4~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.4.2.3~20.1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:49:06", "description": "Check for the Version of popt", "cvss3": {}, "published": "2010-09-10T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2010:0678 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:880421", "href": "http://plugins.openvas.org/nasl.php?oid=880421", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2010:0678 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or 
modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n It was discovered that RPM did not remove setuid and setgid bits set on\n binaries when upgrading or removing packages. A local attacker able to\n create hard links to binaries could use this flaw to keep those binaries on\n the system, at a specific version level and with the setuid or setgid bit\n set, even if the package providing them was upgraded or removed by a system\n administrator. This could have security implications if a package was\n upgraded or removed because of a security flaw in a setuid or setgid\n program. 
(CVE-2005-4889, CVE-2010-2059)\n\n All users of rpm are advised to upgrade to these updated packages, which\n contain a backported patch to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"popt on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-September/016966.html\");\n script_id(880421);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-10 14:21:00 +0200 (Fri, 10 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0678\");\n script_cve_id(\"CVE-2005-4889\", \"CVE-2010-2059\");\n script_name(\"CentOS Update for popt CESA-2010:0678 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of popt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.9.1~33_nonptl.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", 
rpm:\"rpm~4.3.3~33_nonptl.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.3.3~33_nonptl.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.3.3~33_nonptl.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.3.3~33_nonptl.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.3.3~33_nonptl.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:59", "description": "Check for the Version of popt", "cvss3": {}, "published": "2010-09-10T00:00:00", "type": "openvas", "title": "CentOS Update for popt CESA-2010:0678 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:1361412562310880421", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880421", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for popt CESA-2010:0678 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; 
without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n It was discovered that RPM did not remove setuid and setgid bits set on\n binaries when upgrading or removing packages. A local attacker able to\n create hard links to binaries could use this flaw to keep those binaries on\n the system, at a specific version level and with the setuid or setgid bit\n set, even if the package providing them was upgraded or removed by a system\n administrator. This could have security implications if a package was\n upgraded or removed because of a security flaw in a setuid or setgid\n program. 
(CVE-2005-4889, CVE-2010-2059)\n\n All users of rpm are advised to upgrade to these updated packages, which\n contain a backported patch to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"popt on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-September/016966.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880421\");\n script_version(\"$Revision: 8254 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 08:29:05 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-10 14:21:00 +0200 (Fri, 10 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0678\");\n script_cve_id(\"CVE-2005-4889\", \"CVE-2010-2059\");\n script_name(\"CentOS Update for popt CESA-2010:0678 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of popt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", rpm:\"popt~1.9.1~33_nonptl.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.3.3~33_nonptl.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.3.3~33_nonptl.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.3.3~33_nonptl.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.3.3~33_nonptl.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.3.3~33_nonptl.el4_8.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-08T12:53:40", "description": "Check for the Version of rpm", "cvss3": {}, "published": "2010-09-10T00:00:00", "type": "openvas", "title": "RedHat Update for rpm RHSA-2010:0678-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:1361412562310870316", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870316", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for rpm RHSA-2010:0678-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; 
without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The RPM Package Manager (RPM) is a command line driven package management\n system capable of installing, uninstalling, verifying, querying, and\n updating software packages.\n\n It was discovered that RPM did not remove setuid and setgid bits set on\n binaries when upgrading or removing packages. A local attacker able to\n create hard links to binaries could use this flaw to keep those binaries on\n the system, at a specific version level and with the setuid or setgid bit\n set, even if the package providing them was upgraded or removed by a system\n administrator. This could have security implications if a package was\n upgraded or removed because of a security flaw in a setuid or setgid\n program. 
(CVE-2005-4889, CVE-2010-2059)\n\n All users of rpm are advised to upgrade to these updated packages, which\n contain a backported patch to correct these issues.\";\n\ntag_affected = \"rpm on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-September/msg00004.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870316\");\n script_version(\"$Revision: 8314 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 09:01:01 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-10 14:21:00 +0200 (Fri, 10 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2010:0678-01\");\n script_cve_id(\"CVE-2005-4889\", \"CVE-2010-2059\");\n script_name(\"RedHat Update for rpm RHSA-2010:0678-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"popt\", 
rpm:\"popt~1.9.1~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.3.3~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.3.3~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-debuginfo\", rpm:\"rpm-debuginfo~4.3.3~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-devel\", rpm:\"rpm-devel~4.3.3~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-libs\", rpm:\"rpm-libs~4.3.3~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-python\", rpm:\"rpm-python~4.3.3~33_nonptl.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-12-19T16:08:42", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2011-0004.3.", "cvss3": {}, "published": "2012-03-16T00:00:00", "type": "openvas", "title": "VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm (VMSA-2011-0004.3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3609", "CVE-2010-2059", "CVE-2010-3316", "CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762", "CVE-2010-3435", "CVE-2010-3853"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310103453", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103453", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# VMSA-2011-0004.3 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103453\");\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\", \"CVE-2010-3316\", \"CVE-2010-3435\", \"CVE-2010-3853\", \"CVE-2010-2059\", \"CVE-2010-3609\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"2019-12-18T11:13:08+0000\");\n script_name(\"VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm (VMSA-2011-0004.3)\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 11:13:08 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-03-16 10:51:14 +0100 (Fri, 16 Mar 2012)\");\n script_category(ACT_GATHER_INFO);\n 
script_family(\"VMware Local Security Checks\");\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\", \"VMware/ESX/version\");\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2011-0004.html\");\n\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if the target host is missing one or more patch(es).\");\n\n script_tag(name:\"summary\", value:\"The remote ESXi is missing one or more security related Updates from VMSA-2011-0004.3.\");\n\n script_tag(name:\"affected\", value:\"VMware ESXi 4.1 without patch ESXi410-201101201-SG\n\n VMware ESXi 4.0 without patch ESXi400-201103401-SG\n\n VMware ESX 4.1 without patches ESX410-201101201-SG, ESX410-201104407-SG and ESX410-201110207-SG\n\n VMware ESX 4.0 without patches ESX400-201103401-SG, ESX400-201103404-SG, ESX400-201103406-SG and ESX400-201103407-SG\");\n\n script_tag(name:\"impact\", value:\"a. Service Location Protocol daemon DoS\n\n Exploitation of this vulnerability could cause SLPD to consume significant CPU resources.\");\n\n script_tag(name:\"insight\", value:\"Service Location Protocol daemon (SLPD) denial of service issue and ESX 4.0 Service Console OS (COS) updates\n for bind, pam, and rpm.\n\n a. Service Location Protocol daemon DoS\n\n This patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD).\n\n b. Service Console update for bind\n\n This patch updates the bind-libs and bind-utils RPMs to version 9.3.6-4.P1.el5_5.3, which resolves multiple security\n issues.\n\n c. Service Console update for pam\n\n This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw, which resolves multiple security issues with PAM modules.\n\n d. 
Service Console update for rpm, rpm-libs, rpm-python, and popt\n\n This patch updates rpm, rpm-libs, and rpm-python RPMs to 4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1, which\n resolves a security issue.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"vmware_esx.inc\");\n\nif(!get_kb_item(\"VMware/ESXi/LSC\"))\n exit(0);\n\nif(!esxVersion = get_kb_item(\"VMware/ESX/version\"))\n exit(0);\n\npatches = make_array(\"4.1.0\", \"ESXi410-201101201-SG\",\n \"4.0.0\", \"ESXi400-201103401-SG\");\n\nif(!patches[esxVersion])\n exit(99);\n\nif(report = esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-10-30T10:48:45", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2011-0004.3.\n\nSummary\n\nService Location Protocol daemon (SLPD) denial of service issue and ESX 4.0 Service Console OS (COS) updates\nfor bind, pam, and rpm.\n\nRelevant releases\n\nVMware ESXi 4.1 without patch ESXi410-201101201-SG.\nVMware ESXi 4.0 without patch ESXi400-201103401-SG.\nVMware ESX 4.1 without patches ESX410-201101201-SG, ESX410-201104407-SG and ESX410-201110207-SG.\nVMware ESX 4.0 without patches ESX400-201103401-SG, ESX400-201103404-SG, ESX400-201103406-SG and ESX400-201103407-SG.\n\nProblem Description\n\na. Service Location Protocol daemon DoS\n\n This patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD). Exploitation of\n this vulnerability could cause SLPD to consume significant CPU resources.\n\nb. Service Console update for bind\n\n This patch updates the bind-libs and bind-utils RPMs to version 9.3.6-4.P1.el5_5.3, which resolves multiple security\n issues.\n\nc. 
Service Console update for pam\n\n This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw, which resolves multiple security issues with PAM modules.\n\nd. Service Console update for rpm, rpm-libs, rpm-python, and popt\n\n This patch updates rpm, rpm-libs, and rpm-python RPMs to 4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1, which\n resolves a security issue.", "cvss3": {}, "published": "2012-03-16T00:00:00", "type": "openvas", "title": "VMSA-2011-0004.3 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3609", "CVE-2010-2059", "CVE-2010-3316", "CVE-2010-3614", "CVE-2010-3613", "CVE-2010-3762", "CVE-2010-3435", "CVE-2010-3853"], "modified": "2017-10-26T00:00:00", "id": "OPENVAS:103453", "href": "http://plugins.openvas.org/nasl.php?oid=103453", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_VMSA-2011-0004.nasl 7583 2017-10-26 12:07:01Z cfischer $\n#\n# VMSA-2011-0004.3 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"The remote ESXi is missing one or more security related Updates from VMSA-2011-0004.3.\n\nSummary\n\nService Location Protocol daemon (SLPD) denial of service issue and ESX 4.0 Service Console OS (COS) updates\nfor bind, pam, and rpm.\n\nRelevant releases\n\nVMware ESXi 4.1 without patch ESXi410-201101201-SG.\nVMware ESXi 4.0 without patch ESXi400-201103401-SG.\nVMware ESX 4.1 without patches ESX410-201101201-SG, ESX410-201104407-SG and ESX410-201110207-SG.\nVMware ESX 4.0 without patches ESX400-201103401-SG, ESX400-201103404-SG, ESX400-201103406-SG and ESX400-201103407-SG.\n\nProblem Description\n\na. Service Location Protocol daemon DoS\n\n This patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD). Exploitation of\n this vulnerability could cause SLPD to consume significant CPU resources.\n\nb. Service Console update for bind\n\n This patch updates the bind-libs and bind-utils RPMs to version 9.3.6-4.P1.el5_5.3, which resolves multiple security\n issues.\n\nc. Service Console update for pam\n\n This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw, which resolves multiple security issues with PAM modules.\n\nd. 
Service Console update for rpm, rpm-libs, rpm-python, and popt\n\n This patch updates rpm, rpm-libs, and rpm-python RPMs to 4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1, which\n resolves a security issue.\";\n\ntag_solution = \"Apply the missing patch(es).\";\n\nif (description)\n{\n script_id(103453);\n script_cve_id(\"CVE-2010-3613\", \"CVE-2010-3614\", \"CVE-2010-3762\", \"CVE-2010-3316\", \"CVE-2010-3435\", \"CVE-2010-3853\", \"CVE-2010-2059\", \"CVE-2010-3609\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_version (\"$Revision: 7583 $\");\n script_name(\"VMSA-2011-0004.3 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.\");\n\n\n script_tag(name:\"last_modification\", value:\"$Date: 2017-10-26 14:07:01 +0200 (Thu, 26 Oct 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-16 10:51:14 +0100 (Fri, 16 Mar 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\",\"VMware/ESX/version\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://www.vmware.com/security/advisories/VMSA-2011-0004.html\");\n exit(0);\n}\n\ninclude(\"version_func.inc\"); # Used in _esxi_patch_missing()\ninclude(\"vmware_esx.inc\");\n\nif(!get_kb_item('VMware/ESXi/LSC'))exit(0);\nif(! 
esxVersion = get_kb_item(\"VMware/ESX/version\"))exit(0);\n\npatches = make_array(\"4.1.0\",\"ESXi410-201101201-SG\",\n \"4.0.0\",\"ESXi400-201103401-SG\");\n\nif(!patches[esxVersion])exit(0);\n\nif(_esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n\n security_message(port:0);\n exit(0);\n\n}\n\nexit(99);\n\n\n\n\n\n\n\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-12-19T16:09:24", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2012-0013.", "cvss3": {}, "published": "2012-08-31T00:00:00", "type": "openvas", "title": "VMware ESXi/ESX updates to third party libraries (VMSA-2012-0013)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0864", "CVE-2011-3188", "CVE-2011-4108", "CVE-2011-4609", "CVE-2011-4128", "CVE-2012-0815", "CVE-2011-3597", "CVE-2011-4324", "CVE-2011-4110", "CVE-2011-4576", "CVE-2011-4577", "CVE-2012-0507", "CVE-2010-4180", "CVE-2010-4410", "CVE-2011-2699", "CVE-2011-4619", "CVE-2010-2761", "CVE-2011-4132", "CVE-2011-0014", "CVE-2010-0830", "CVE-2011-2484", "CVE-2012-1583", "CVE-2012-0061", "CVE-2012-0393", "CVE-2011-3209", "CVE-2012-0050", "CVE-2011-3363", "CVE-2012-0060", "CVE-2011-1833", "CVE-2012-0207", "CVE-2011-1020", "CVE-2012-2110", "CVE-2012-1569", "CVE-2010-4252", "CVE-2012-0841", "CVE-2009-5029", "CVE-2011-4325", "CVE-2012-1573", "CVE-2011-4109", "CVE-2011-1089", "CVE-2009-5064", "CVE-2011-2496"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310103558", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103558", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free 
software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103558\");\n script_cve_id(\"CVE-2010-4180\", \"CVE-2010-4252\", \"CVE-2011-0014\", \"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0050\",\n \"CVE-2012-2110\", \"CVE-2011-1833\", \"CVE-2011-2484\", \"CVE-2011-2496\", \"CVE-2011-3188\", \"CVE-2011-3209\", \"CVE-2011-3363\", \"CVE-2011-4110\", \"CVE-2011-1020\",\n \"CVE-2011-4132\", \"CVE-2011-4324\", \"CVE-2011-4325\", \"CVE-2012-0207\", \"CVE-2011-2699\", \"CVE-2012-1583\", \"CVE-2010-2761\", \"CVE-2010-4410\", \"CVE-2011-3597\",\n \"CVE-2012-0841\", \"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\", \"CVE-2011-4609\", \"CVE-2012-0864\", \"CVE-2011-4128\", \"CVE-2012-1569\",\n \"CVE-2012-1573\", \"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\", \"CVE-2012-0393\", \"CVE-2012-0507\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"2019-12-18T11:13:08+0000\");\n script_name(\"VMware ESXi/ESX updates to third party libraries (VMSA-2012-0013)\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 11:13:08 +0000 
(Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-08-31 11:02:01 +0100 (Fri, 31 Aug 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\", \"VMware/ESX/version\");\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2012-0013.html\");\n\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if the target host is missing one or more patch(es).\");\n\n script_tag(name:\"summary\", value:\"The remote ESXi is missing one or more security related Updates from VMSA-2012-0013.\");\n\n script_tag(name:\"affected\", value:\"VMware ESX without patches ESX410-201208101-SG, ESX410-201208102-SG, ESX410-201208103-SG, ESX410-201208104-SG, ESX410-201208105-SG, ESX410-201208106-SG, ESX410-201208107-SG\n\n VMware ESXi without patch ESXi410-201208101-SG\");\n\n script_tag(name:\"insight\", value:\"a. vCenter and ESX update to JRE 1.6.0 Update 31\n\n The Oracle (Sun) JRE is updated to version 1.6.0_31, which addresses multiple\n security issues. Oracle has documented the CVE identifiers that are addressed by\n this update in the Oracle Java SE Critical Patch Update Advisory of February 2012.\n\n b. vCenter Update Manager update to JRE 1.5.0 Update 36\n\n The Oracle (Sun) JRE is updated to 1.5.0_36 to address multiple security issues.\n Oracle has documented the CVE identifiers that are addressed in JRE 1.5.0_36 in\n the Oracle Java SE Critical Patch Update Advisory for June 2012.\n\n c. Update to ESX/ESXi userworld OpenSSL library\n\n The ESX/ESXi userworld OpenSSL library is updated from version 0.9.8p to version\n 0.9.8t to resolve multiple security issues.\n\n d. 
Update to ESX service console OpenSSL RPM\n\n The service console OpenSSL RPM is updated to version 0.9.8e-22.el5_8.3 to\n resolve a security issue.\n\n e. Update to ESX service console kernel\n\n The ESX service console kernel is updated to resolve multiple security issues.\n\n f. Update to ESX service console Perl RPM\n\n The ESX service console Perl RPM is updated to perl-5.8.8.32.1.8999.vmw to\n resolve multiple security issues.\n\n g. Update to ESX service console libxml2 RPM\n\n The ESX service console libmxl2 RPMs are updated to\n libxml2-2.6.26-2.1.15.el5_8.2 and libxml2-python-2.6.26-2.1.15.el5_8.2 to\n resolve a security issue.\n\n h. Update to ESX service console glibc RPM\n\n The ESX service console glibc RPM is updated to version glibc-2.5-81.el5_8.1 to\n resolve multiple security issues.\n\n i. Update to ESX service console GnuTLS RPM\n\n The ESX service console GnuTLS RPM is updated to version 1.4.1-7.el5_8.2 to\n resolve multiple security issues.\n\n j. Update to ESX service console popt, rpm, rpm-libs, and rpm-python RPMS\n\n The ESX service console popt, rpm, rpm-libs, and rpm-python RPMS are updated to\n the following versions to resolve multiple security issues:\n\n k. Vulnerability in third party Apache Struts component\n\n The version of Apache Struts in vCenter Operations has been updated to 2.3.4\n which addresses an arbitrary file overwrite vulnerability. This vulnerability\n allows an attacker to create a denial of service by overwriting arbitrary files\n without authentication. 
The attacker would need to be on the same network as the\n system where vCOps is installed.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item(\"VMware/ESXi/LSC\"))\n exit(0);\n\nif(!esxVersion = get_kb_item(\"VMware/ESX/version\"))\n exit(0);\n\npatches = make_array(\"4.1.0\", \"ESXi410-Update03:2012-08-30\");\n\nif(!patches[esxVersion])\n exit(99);\n\nif(report = esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:10:58", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2012-0013.\n\nSummary\nVMware has updated several third party libraries in vSphere and vcOps to address multiple security vulnerabilities.\n\nRelevant releases\nVMware vCenter 4.1 without Update 3\nVMware vCenter Update Manager 4.1 without Update 3\nVMware ESX without patches ESX410-201208101-SG, ESX410-201208102-SG,\n ESX410-201208103-SG, ESX410-201208104-SG, ESX410-201208105-SG,\n ESX410-201208106-SG, ESX410-201208107-SG\nVMware ESXi without patch ESXi410-201208101-SG\n \n\nProblem Description\na. vCenter and ESX update to JRE 1.6.0 Update 31\n\nThe Oracle (Sun) JRE is updated to version 1.6.0_31, which addresses multiple\nsecurity issues. Oracle has documented the CVE identifiers that are addressed by\nthis update in the Oracle Java SE Critical Patch Update Advisory of February\n2012.\n\nb. vCenter Update Manager update to JRE 1.5.0 Update 36\n\nThe Oracle (Sun) JRE is updated to 1.5.0_36 to address multiple security issues.\nOracle has documented the CVE identifiers that are addressed in JRE 1.5.0_36 in\nthe Oracle Java SE Critical Patch Update Advisory for June 2012.\n\nc. 
Update to ESX/ESXi userworld OpenSSL library\n\nThe ESX/ESXi userworld OpenSSL library is updated from version 0.9.8p to version\n0.9.8t to resolve multiple security issues.\n\nd. Update to ESX service console OpenSSL RPM\n\nThe service console OpenSSL RPM is updated to version 0.9.8e-22.el5_8.3 to\nresolve a security issue.\n\ne. Update to ESX service console kernel\n\nThe ESX service console kernel is updated to resolve multiple security issues.\n\nf. Update to ESX service console Perl RPM\n\nThe ESX service console Perl RPM is updated to perl-5.8.8.32.1.8999.vmw to\nresolve multiple security issues.\n\ng. Update to ESX service console libxml2 RPM\n\nThe ESX service console libxml2 RPMs are updated to\nlibxml2-2.6.26-2.1.15.el5_8.2 and libxml2-python-2.6.26-2.1.15.el5_8.2 to\nresolve a security issue.\n\nh. Update to ESX service console glibc RPM\n\nThe ESX service console glibc RPM is updated to version glibc-2.5-81.el5_8.1 to\nresolve multiple security issues.\n\ni. Update to ESX service console GnuTLS RPM\n\nThe ESX service console GnuTLS RPM is updated to version 1.4.1-7.el5_8.2 to\nresolve multiple security issues.\n\nj. Update to ESX service console popt, rpm, rpm-libs, and rpm-python RPMS\n\nThe ESX service console popt, rpm, rpm-libs, and rpm-python RPMS are updated to\nthe following versions to resolve multiple security issues:\n\nk. Vulnerability in third party Apache Struts component\n\nThe version of Apache Struts in vCenter Operations has been updated to 2.3.4\nwhich addresses an arbitrary file overwrite vulnerability. This vulnerability\nallows an attacker to create a denial of service by overwriting arbitrary files\nwithout authentication. 
The attacker would need to be on the same network as the\nsystem where vCOps is installed.\n\nSolution\nApply the missing patch(es).", "cvss3": {}, "published": "2012-08-31T00:00:00", "type": "openvas", "title": "VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries.", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0864", "CVE-2011-3188", "CVE-2011-4108", "CVE-2011-4609", "CVE-2011-4128", "CVE-2012-0815", "CVE-2011-3597", "CVE-2011-4324", "CVE-2011-4110", "CVE-2011-4576", "CVE-2011-4577", "CVE-2012-0507", "CVE-2010-4180", "CVE-2010-4410", "CVE-2011-2699", "CVE-2011-4619", "CVE-2010-2761", "CVE-2011-4132", "CVE-2011-0014", "CVE-2010-0830", "CVE-2011-2484", "CVE-2012-1583", "CVE-2012-0061", "CVE-2012-0393", "CVE-2011-3209", "CVE-2012-0050", "CVE-2011-3363", "CVE-2012-0060", "CVE-2011-1833", "CVE-2012-0207", "CVE-2011-1020", "CVE-2012-2110", "CVE-2012-1569", "CVE-2010-4252", "CVE-2012-0841", "CVE-2009-5029", "CVE-2011-4325", "CVE-2012-1573", "CVE-2011-4109", "CVE-2011-1089", "CVE-2009-5064", "CVE-2011-2496"], "modified": "2017-04-12T00:00:00", "id": "OPENVAS:103558", "href": "http://plugins.openvas.org/nasl.php?oid=103558", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_VMSA-2012-0013.nasl 5940 2017-04-12 09:02:05Z teissa $\n#\n# VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A 
PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"The remote ESXi is missing one or more security related Updates from VMSA-2012-0013.\n\nSummary\nVMware has updated several third party libraries in vSphere and vcOps to address multiple security vulnerabilities.\n\nRelevant releases\nVMware vCenter 4.1 without Update 3\nVMware vCenter Update Manager 4.1 without Update 3\nVMware ESX without patches ESX410-201208101-SG, ESX410-201208102-SG,\n ESX410-201208103-SG, ESX410-201208104-SG, ESX410-201208105-SG,\n ESX410-201208106-SG, ESX410-201208107-SG\nVMware ESXi without patch ESXi410-201208101-SG\n \n\nProblem Description\na. vCenter and ESX update to JRE 1.6.0 Update 31\n\nThe Oracle (Sun) JRE is updated to version 1.6.0_31, which addresses multiple\nsecurity issues. Oracle has documented the CVE identifiers that are addressed by\nthis update in the Oracle Java SE Critical Patch Update Advisory of February\n2012.\n\nb. vCenter Update Manager update to JRE 1.5.0 Update 36\n\nThe Oracle (Sun) JRE is updated to 1.5.0_36 to address multiple security issues.\nOracle has documented the CVE identifiers that are addressed in JRE 1.5.0_36 in\nthe Oracle Java SE Critical Patch Update Advisory for June 2012.\n\nc. Update to ESX/ESXi userworld OpenSSL library\n\nThe ESX/ESXi userworld OpenSSL library is updated from version 0.9.8p to version\n0.9.8t to resolve multiple security issues.\n\nd. Update to ESX service console OpenSSL RPM\n\nThe service console OpenSSL RPM is updated to version 0.9.8e-22.el5_8.3 to\nresolve a security issue.\n\ne. 
Update to ESX service console kernel\n\nThe ESX service console kernel is updated to resolve multiple security issues.\n\nf. Update to ESX service console Perl RPM\n\nThe ESX service console Perl RPM is updated to perl-5.8.8.32.1.8999.vmw to\nresolve multiple security issues.\n\ng. Update to ESX service console libxml2 RPM\n\nThe ESX service console libmxl2 RPMs are updated to\nlibxml2-2.6.26-2.1.15.el5_8.2 and libxml2-python-2.6.26-2.1.15.el5_8.2 to\nresolve a security issue.\n\nh. Update to ESX service console glibc RPM\n\nThe ESX service console glibc RPM is updated to version glibc-2.5-81.el5_8.1 to\nresolve multiple security issues.\n\ni. Update to ESX service console GnuTLS RPM\n\nThe ESX service console GnuTLS RPM is updated to version 1.4.1-7.el5_8.2 to\nresolve multiple security issues.\n\nj. Update to ESX service console popt, rpm, rpm-libs, and rpm-python RPMS\n\nThe ESX service console popt, rpm, rpm-libs, and rpm-python RPMS are updated to\nthe following versions to resolve multiple security issues:\n\nk. Vulnerability in third party Apache Struts component\n\nThe version of Apache Struts in vCenter Operations has been updated to 2.3.4\nwhich addresses an arbitrary file overwrite vulnerability. This vulnerability\nallows an attacker to create a denial of service by overwriting arbitrary files\nwithout authentication. 
The attacker would need to be on the same network as the\nsystem where vCOps is installed.\n\nSolution\nApply the missing patch(es).\";\n\n\nif (description)\n{\n script_id(103558);\n script_cve_id(\"CVE-2010-4180\",\"CVE-2010-4252\",\"CVE-2011-0014\",\"CVE-2011-4108\",\"CVE-2011-4109\",\"CVE-2011-4576\",\"CVE-2011-4577\",\"CVE-2011-4619\",\"CVE-2012-0050\",\n \"CVE-2012-2110\",\"CVE-2011-1833\",\"CVE-2011-2484\",\"CVE-2011-2496\",\"CVE-2011-3188\",\"CVE-2011-3209\",\"CVE-2011-3363\",\"CVE-2011-4110\",\"CVE-2011-1020\",\n \"CVE-2011-4132\",\"CVE-2011-4324\",\"CVE-2011-4325\",\"CVE-2012-0207\",\"CVE-2011-2699\",\"CVE-2012-1583\",\"CVE-2010-2761\",\"CVE-2010-4410\",\"CVE-2011-3597\",\n \"CVE-2012-0841\",\"CVE-2009-5029\",\"CVE-2009-5064\",\"CVE-2010-0830\",\"CVE-2011-1089\",\"CVE-2011-4609\",\"CVE-2012-0864\",\"CVE-2011-4128\",\"CVE-2012-1569\",\n \"CVE-2012-1573\",\"CVE-2012-0060\",\"CVE-2012-0061\",\"CVE-2012-0815\",\"CVE-2012-0393\",\"CVE-2012-0507\");\n\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version (\"$Revision: 5940 $\");\n script_name(\"VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries.\");\n\n\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-12 11:02:05 +0200 (Wed, 12 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-31 11:02:01 +0100 (Fri, 31 Aug 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\",\"VMware/ESX/version\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : 
\"http://www.vmware.com/security/advisories/VMSA-2012-0013.html\");\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item('VMware/ESXi/LSC'))exit(0);\nif(! esxVersion = get_kb_item(\"VMware/ESX/version\"))exit(0);\n\npatches = make_array(\"4.1.0\",\"ESXi410-Update03:2012-08-30\");\n\nif(!patches[esxVersion])exit(0);\n\nif(_esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n\n security_message(port:0);\n exit(0);\n\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:29", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2012-0001.\n\nSummary\n\nVMware ESXi and ESX updates to third party library and ESX Service Console address\nseveral security issues.\n\nRelevant releases:\n\nESXi 4.1 without patch ESXi410-201201401-SG\nESXi 5.0 without patch ESXi500-201203101-SG\nESXi 4.0 without patch ESXi400-201203401-SG\n\nESX 4.1 without patches ESX410-201201401-SG, ESX410-201201402-SG,\nESX410-201201404-SG, ESX410-201201405-SG, ESX410-201201406-SG,\nESX410-201201407-SG.\n \nProblem Description\n\na. ESX third party update for Service Console kernel\n\n The ESX Service Console Operating System (COS) kernel is updated to kernel-2.6.18-274.3.1.el5\n to fix multiple security issues in the COS kernel.\n \nb. ESX third party update for Service Console cURL RPM\n\n The ESX Service Console (COS) curl RPM is updated to cURL-7.15.5.9 resolving a security issue.\n\nc. 
ESX third party update for Service Console nspr and nss RPMs\n\n The ESX Service Console (COS) nspr and nss RPMs are updated to nspr-4.8.8-1.el5_7 and\n nss-3.12.10-4.el5_7 respectively resolving a security issue.\n\n A Certificate Authority (CA) issued fraudulent SSL certificates and Netscape\n Portable Runtime (NSPR) and Network Security Services (NSS) contain the\n built-in tokens of this fraudulent Certificate Authority. This update renders\n all SSL certificates signed by the fraudulent CA as untrusted for all uses.\n\nd. ESX third party update for Service Console rpm RPMs\n\n The ESX Service Console Operating System (COS) rpm packages are updated to\n popt-1.10.2.3-22.el5_7.2, rpm-4.4.2.3-22.el5_7.2, rpm-libs-4.4.2.3-22.el5_7.2\n and rpm-python-4.4.2.3-22.el5_7.2 which fixes multiple security issues.\n\ne. ESX third party update for Service Console samba RPMs\n\n The ESX Service Console Operating System (COS) samba packages are updated to\n samba-client-3.0.33-3.29.el5_7.4, samba-common-3.0.33-3.29.el5_7.4 and\n libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security issues in the\n Samba client.\n\nf. ESX third party update for Service Console python package\n\n The ESX Service Console (COS) python package is updated to 2.4.3-44 which fixes\n multiple security issues.\n\ng. 
ESXi update to third party component python\n\n The python third party library is updated to python 2.5.6 which fixes multiple\n security issues.", "cvss3": {}, "published": "2012-03-15T00:00:00", "type": "openvas", "title": "VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Service Console", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0547", "CVE-2010-3493", "CVE-2011-1746", "CVE-2011-1678", "CVE-2011-0695", "CVE-2011-1521", "CVE-2011-1078", "CVE-2011-1494", "CVE-2011-2491", "CVE-2010-4649", "CVE-2010-2059", "CVE-2011-1776", "CVE-2011-2517", "CVE-2011-1576", "CVE-2011-1573", "CVE-2011-2492", "CVE-2011-1780", "CVE-2011-2495", "CVE-2011-1166", "CVE-2011-0711", "CVE-2011-2901", "CVE-2011-2022", "CVE-2011-1079", "CVE-2011-1044", "CVE-2011-1495", "CVE-2010-0787", "CVE-2011-1163", "CVE-2011-2519", "CVE-2010-2089", "CVE-2011-1093", "CVE-2011-1593", "CVE-2011-2522", "CVE-2011-1170", "CVE-2011-1936", "CVE-2011-2482", "CVE-2011-1172", "CVE-2011-1171", "CVE-2011-2213", "CVE-2011-1015", "CVE-2011-2689", "CVE-2009-3720", "CVE-2011-3378", "CVE-2010-1634", "CVE-2009-3560", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1763", "CVE-2011-2525", "CVE-2011-1080", "CVE-2011-2694", "CVE-2011-1577", "CVE-2011-2192"], "modified": "2017-04-19T00:00:00", "id": "OPENVAS:103448", "href": "http://plugins.openvas.org/nasl.php?oid=103448", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_VMSA-2012-0001.nasl 5977 2017-04-19 09:02:22Z teissa $\n#\n# VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Service Console\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 
2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"The remote ESXi is missing one or more security related Updates from VMSA-2012-0001.\n\nSummary\n\nVMware ESXi and ESX updates to third party library and ESX Service Console address\nseveral security issues.\n\nRelevant releases:\n\nESXi 4.1 without patch ESXi410-201201401-SG\nESXi 5.0 without patch ESXi500-201203101-SG\nESXi 4.0 without patch ESXi400-201203401-SG\n\nESX 4.1 without patches ESX410-201201401-SG, ESX410-201201402-SG,\nESX410-201201404-SG, ESX410-201201405-SG, ESX410-201201406-SG,\nESX410-201201407-SG.\n \nProblem Description\n\na. ESX third party update for Service Console kernel\n\n The ESX Service Console Operating System (COS) kernel is updated to kernel-2.6.18-274.3.1.el5\n to fix multiple security issues in the COS kernel.\n \nb. ESX third party update for Service Console cURL RPM\n\n The ESX Service Console (COS) curl RPM is updated to cURL-7.15.5.9 resolving a security issue.\n\nc. ESX third party update for Service Console nspr and nss RPMs\n\n The ESX Service Console (COS) nspr and nss RPMs are updated to nspr-4.8.8-1.el5_7 and\n nss-3.12.10-4.el5_7 respectively resolving a security issue.\n\n A Certificate Authority (CA) issued fraudulent SSL certificates and Netscape\n Portable Runtime (NSPR) and Network Security Services (NSS) contain the\n built-in tokens of this fraudulent Certificate Authority. 
This update renders\n all SSL certificates signed by the fraudulent CA as untrusted for all uses.\n\nd. ESX third party update for Service Console rpm RPMs\n\n The ESX Service Console Operating System (COS) rpm packages are updated to\n popt-1.10.2.3-22.el5_7.2, rpm-4.4.2.3-22.el5_7.2, rpm-libs-4.4.2.3-22.el5_7.2\n and rpm-python-4.4.2.3-22.el5_7.2 which fixes multiple security issues.\n\ne. ESX third party update for Service Console samba RPMs\n\n The ESX Service Console Operating System (COS) samba packages are updated to\n samba-client-3.0.33-3.29.el5_7.4, samba-common-3.0.33-3.29.el5_7.4 and\n libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security issues in the\n Samba client.\n\nf. ESX third party update for Service Console python package\n\n The ESX Service Console (COS) python package is updated to 2.4.3-44 which fixes\n multiple security issues.\n\ng. ESXi update to third party component python\n\n The python third party library is updated to python 2.5.6 which fixes multiple\n security issues.\";\n\ntag_solution = \"Apply the missing patch(es).\";\n\nif (description)\n{\n script_id(103448);\n script_cve_id(\"CVE-2009-3560\", \"CVE-2009-3720\", \"CVE-2010-0547\", \"CVE-2010-0787\", \"CVE-2010-1634\", \"CVE-2010-2059\", \"CVE-2010-2089\", \"CVE-2010-3493\", \"CVE-2010-4649\", \"CVE-2011-0695\", \"CVE-2011-0711\", \"CVE-2011-0726\", \"CVE-2011-1015\", \"CVE-2011-1044\", \"CVE-2011-1078\", \"CVE-2011-1079\", \"CVE-2011-1080\", \"CVE-2011-1093\", \"CVE-2011-1163\", \"CVE-2011-1166\", \"CVE-2011-1170\", \"CVE-2011-1171\", \"CVE-2011-1172\", \"CVE-2011-1182\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1521\", \"CVE-2011-1573\", \"CVE-2011-1576\", \"CVE-2011-1577\", \"CVE-2011-1593\", \"CVE-2011-1678\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2011-1763\", \"CVE-2011-1776\", \"CVE-2011-1780\", \"CVE-2011-1936\", \"CVE-2011-2022\", \"CVE-2011-2192\", \"CVE-2011-2213\", \"CVE-2011-2482\", \"CVE-2011-2491\", \"CVE-2011-2492\", \"CVE-2011-2495\", 
\"CVE-2011-2517\", \"CVE-2011-2519\", \"CVE-2011-2522\", \"CVE-2011-2525\", \"CVE-2011-2689\", \"CVE-2011-2694\", \"CVE-2011-2901\", \"CVE-2011-3378\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version (\"$Revision: 5977 $\");\n script_name(\"VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Service Console\");\n\n\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-19 11:02:22 +0200 (Wed, 19 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-15 14:13:01 +0100 (Thu, 15 Mar 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\",\"VMware/ESX/version\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://www.vmware.com/security/advisories/VMSA-2012-0001.html\");\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item('VMware/ESXi/LSC'))exit(0);\nif(! 
esxVersion = get_kb_item(\"VMware/ESX/version\"))exit(0);\n\npatches = make_array(\"4.1.0\", \"ESXi410-201201401-SG\",\n \"4.0.0\", \"ESXi400-201203401-SG\",\n \"5.0.0\", \"VIB:esx-base:5.0.0-0.10.608089\");\n\nif(!patches[esxVersion])exit(0);\n\nif(_esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n\n security_message(port:0);\n exit(0);\n\n}\n\nexit(99);\n\n\n\n\n\n\n\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-12-19T16:08:49", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2012-0001.", "cvss3": {}, "published": "2012-03-15T00:00:00", "type": "openvas", "title": "VMware ESXi/ESX updates to third party library and ESX Service Console (VMSA-2012-0001)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0547", "CVE-2010-3493", "CVE-2011-1746", "CVE-2011-1678", "CVE-2011-0695", "CVE-2011-1521", "CVE-2011-1078", "CVE-2011-1494", "CVE-2011-2491", "CVE-2010-4649", "CVE-2010-2059", "CVE-2011-1776", "CVE-2011-2517", "CVE-2011-1576", "CVE-2011-1573", "CVE-2011-2492", "CVE-2011-1780", "CVE-2011-2495", "CVE-2011-1166", "CVE-2011-0711", "CVE-2011-2901", "CVE-2011-2022", "CVE-2011-1079", "CVE-2011-1044", "CVE-2011-1495", "CVE-2010-0787", "CVE-2011-1163", "CVE-2011-2519", "CVE-2010-2089", "CVE-2011-1093", "CVE-2011-1593", "CVE-2011-2522", "CVE-2011-1170", "CVE-2011-1936", "CVE-2011-2482", "CVE-2011-1172", "CVE-2011-1171", "CVE-2011-2213", "CVE-2011-1015", "CVE-2011-2689", "CVE-2009-3720", "CVE-2011-3378", "CVE-2010-1634", "CVE-2009-3560", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1763", "CVE-2011-2525", "CVE-2011-1080", "CVE-2011-2694", "CVE-2011-1577", "CVE-2011-2192"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310103448", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103448", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Service Console\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103448\");\n script_cve_id(\"CVE-2009-3560\", \"CVE-2009-3720\", \"CVE-2010-0547\", \"CVE-2010-0787\", \"CVE-2010-1634\", \"CVE-2010-2059\", \"CVE-2010-2089\", \"CVE-2010-3493\", \"CVE-2010-4649\", \"CVE-2011-0695\", \"CVE-2011-0711\", \"CVE-2011-0726\", \"CVE-2011-1015\", \"CVE-2011-1044\", \"CVE-2011-1078\", \"CVE-2011-1079\", \"CVE-2011-1080\", \"CVE-2011-1093\", \"CVE-2011-1163\", \"CVE-2011-1166\", \"CVE-2011-1170\", \"CVE-2011-1171\", \"CVE-2011-1172\", \"CVE-2011-1182\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1521\", \"CVE-2011-1573\", \"CVE-2011-1576\", \"CVE-2011-1577\", \"CVE-2011-1593\", \"CVE-2011-1678\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2011-1763\", \"CVE-2011-1776\", \"CVE-2011-1780\", \"CVE-2011-1936\", \"CVE-2011-2022\", \"CVE-2011-2192\", \"CVE-2011-2213\", 
\"CVE-2011-2482\", \"CVE-2011-2491\", \"CVE-2011-2492\", \"CVE-2011-2495\", \"CVE-2011-2517\", \"CVE-2011-2519\", \"CVE-2011-2522\", \"CVE-2011-2525\", \"CVE-2011-2689\", \"CVE-2011-2694\", \"CVE-2011-2901\", \"CVE-2011-3378\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"2019-12-18T11:13:08+0000\");\n script_name(\"VMware ESXi/ESX updates to third party library and ESX Service Console (VMSA-2012-0001)\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 11:13:08 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-03-15 14:13:01 +0100 (Thu, 15 Mar 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\", \"VMware/ESX/version\");\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2012-0001.html\");\n\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if the target host is missing one or more patch(es).\");\n\n script_tag(name:\"summary\", value:\"The remote ESXi is missing one or more security related Updates from VMSA-2012-0001.\");\n\n script_tag(name:\"affected\", value:\"ESXi 4.1 without patch ESXi410-201201401-SG\n\n ESXi 5.0 without patch ESXi500-201203101-SG\n\n ESXi 4.0 without patch ESXi400-201203401-SG\n\n ESX 4.1 without patches ESX410-201201401-SG, ESX410-201201402-SG,\n ESX410-201201404-SG, ESX410-201201405-SG, ESX410-201201406-SG,\n ESX410-201201407-SG\");\n\n script_tag(name:\"insight\", value:\"VMware ESXi and ESX updates to third party library and ESX Service Console address\n several security issues.\n\n a. 
ESX third party update for Service Console kernel\n\n The ESX Service Console Operating System (COS) kernel is updated to kernel-2.6.18-274.3.1.el5\n to fix multiple security issues in the COS kernel.\n\n b. ESX third party update for Service Console cURL RPM\n\n The ESX Service Console (COS) curl RPM is updated to cURL-7.15.5.9 resolving a security issue.\n\n c. ESX third party update for Service Console nspr and nss RPMs\n\n The ESX Service Console (COS) nspr and nss RPMs are updated to nspr-4.8.8-1.el5_7 and\n nss-3.12.10-4.el5_7 respectively resolving a security issue.\n\n A Certificate Authority (CA) issued fraudulent SSL certificates and Netscape\n Portable Runtime (NSPR) and Network Security Services (NSS) contain the\n built-in tokens of this fraudulent Certificate Authority. This update renders\n all SSL certificates signed by the fraudulent CA as untrusted for all uses.\n\n d. ESX third party update for Service Console rpm RPMs\n\n The ESX Service Console Operating System (COS) rpm packages are updated to\n popt-1.10.2.3-22.el5_7.2, rpm-4.4.2.3-22.el5_7.2, rpm-libs-4.4.2.3-22.el5_7.2\n and rpm-python-4.4.2.3-22.el5_7.2 which fixes multiple security issues.\n\n e. ESX third party update for Service Console samba RPMs\n\n The ESX Service Console Operating System (COS) samba packages are updated to\n samba-client-3.0.33-3.29.el5_7.4, samba-common-3.0.33-3.29.el5_7.4 and\n libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security issues in the\n Samba client.\n\n f. ESX third party update for Service Console python package\n\n The ESX Service Console (COS) python package is updated to 2.4.3-44 which fixes\n multiple security issues.\n\n g. 
ESXi update to third party component python\n\n The python third party library is updated to python 2.5.6 which fixes multiple\n security issues.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item(\"VMware/ESXi/LSC\"))\n exit(0);\n\nif(!esxVersion = get_kb_item(\"VMware/ESX/version\"))\n exit(0);\n\npatches = make_array(\"4.1.0\", \"ESXi410-201201401-SG\",\n \"4.0.0\", \"ESXi400-201203401-SG\",\n \"5.0.0\", \"VIB:esx-base:5.0.0-0.10.608089\");\n\nif(!patches[esxVersion])\n exit(99);\n\nif(report = esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2023-02-13T08:31:05", "description": "### Background\n\nThe Red Hat Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating computer software packages. \n\n### Description\n\nMultiple vulnerabilities have been found in RPM:\n\n * fsm.c fails to properly strip setuid and setgid bits from executable files during a package upgrade (CVE-2010-2059). \n * RPM does not properly parse spec files (CVE-2010-2197).\n * fsm.c fails to properly strip POSIX file capabilities from executable files during a package upgrade or removal (CVE-2010-2198). \n * fsm.c fails to properly strip POSIX ACLs from executable files during a package upgrade or removal (CVE-2010-2199). \n * header.c does not properly parse region offsets in package files (CVE-2011-3378). \n * RPM does not properly sanitize region tags in package headers (CVE-2012-0060). \n * RPM does not properly sanitize region sizes in package headers (CVE-2012-0061). \n * RPM does not properly sanitize region offsets in package headers(CVE-2012-0815). 
\n\n### Impact\n\nA local attacker may be able to gain elevated privileges. Furthermore, a remote attacker could entice a user to open a specially crafted RPM package, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll RPM users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-arch/rpm-4.9.1.3\"", "cvss3": {}, "published": "2012-06-24T00:00:00", "type": "gentoo", "title": "RPM: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2059", "CVE-2010-2197", "CVE-2010-2198", "CVE-2010-2199", "CVE-2011-3378", "CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2012-06-24T00:00:00", "id": "GLSA-201206-26", "href": "https://security.gentoo.org/glsa/201206-26", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-02-13T14:51:26", "description": "It was discovered that RPM incorrectly handled certain package headers. If a user or automated system were tricked into installing a specially crafted RPM package, an attacker could cause RPM to crash, resulting in a denial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-01-18T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 11.10 / 12.04 LTS : rpm vulnerabilities (USN-1695-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378", "CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:rpm", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1695-1.NASL", "href": "https://www.tenable.com/plugins/nessus/63612", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1695-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63612);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2011-3378\", \"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_bugtraq_id(49799, 52865);\n script_xref(name:\"USN\", value:\"1695-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.10 / 12.04 LTS : rpm vulnerabilities (USN-1695-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that RPM incorrectly handled certain package\nheaders. If a user or automated system were tricked into installing a\nspecially crafted RPM package, an attacker could cause RPM to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1695-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! 
get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"rpm\", pkgver:\"4.7.2-1lubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"rpm\", pkgver:\"4.9.0-7ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"rpm\", pkgver:\"4.9.1.1-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-15T14:50:16", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rpm packages installed that are affected by multiple vulnerabilities:\n\n - RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c.\n (CVE-2011-3378)\n\n - RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a 
denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function. (CVE-2012-0060)\n\n - The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a package header. (CVE-2012-0061)\n\n - The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison. (CVE-2012-0815)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-09-08T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : rpm Multiple Vulnerabilities (NS-SA-2020-0039)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378", "CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0039_RPM.NASL", "href": "https://www.tenable.com/plugins/nessus/140293", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin 
were\n# extracted from ZTE advisory NS-SA-2020-0039. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140293);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\n \"CVE-2011-3378\",\n \"CVE-2012-0060\",\n \"CVE-2012-0061\",\n \"CVE-2012-0815\"\n );\n script_bugtraq_id(49799, 52865);\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : rpm Multiple Vulnerabilities (NS-SA-2020-0039)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rpm packages installed that are affected by\nmultiple vulnerabilities:\n\n - RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service\n (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and\n offsets that are not properly handled when a package is queried or installed, related to (1) the\n regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c.\n (CVE-2011-3378)\n\n - RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial\n of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to\n the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function. (CVE-2012-0060)\n\n - The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags,\n which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute\n arbitrary code via a large region size in a package header. 
(CVE-2012-0061)\n\n - The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a\n denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a\n package header, which is not properly handled in a numeric range comparison. (CVE-2012-0815)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0039\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL rpm packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3378\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.04': [\n 'rpm-4.11.3-25.el7.cgslv5lite.0.1.g4ea5a22',\n 'rpm-apidocs-4.11.3-25.el7.cgslv5lite.0.1.g4ea5a22',\n 'rpm-build-4.11.3-25.el7.cgslv5lite.0.1.g4ea5a22',\n 'rpm-build-libs-4.11.3-25.el7.cgslv5lite.0.1.g4ea5a22',\n 'rpm-cron-4.11.3-25.el7.cgslv5lite.0.1.g4ea5a22',\n 'rpm-debuginfo-4.11.3-25.el7.cgslv5lite.0.1.g4ea5a22',\n 'rpm-devel-4.11.3-25.el7.cgslv5lite.0.1.g4ea5a22',\n 'rpm-lang-4.11.3-25.el7.cgslv5lite.0.1.g4ea5a22',\n 'rpm-libs-4.11.3-25.el7.cgslv5lite.0.1.g4ea5a22',\n 'rpm-plugin-systemd-inhibit-4.11.3-25.el7.cgslv5lite.0.1.g4ea5a22',\n 'rpm-python-4.11.3-25.el7.cgslv5lite.0.1.g4ea5a22',\n 'rpm-sign-4.11.3-25.el7.cgslv5lite.0.1.g4ea5a22'\n ],\n 'CGSL MAIN 5.04': [\n 'rpm-4.11.3-25.el7.cgslv5.0.1.g8473ede',\n 'rpm-apidocs-4.11.3-25.el7.cgslv5.0.1.g8473ede',\n 'rpm-build-4.11.3-25.el7.cgslv5.0.1.g8473ede',\n 'rpm-build-libs-4.11.3-25.el7.cgslv5.0.1.g8473ede',\n 'rpm-cron-4.11.3-25.el7.cgslv5.0.1.g8473ede',\n 
'rpm-debuginfo-4.11.3-25.el7.cgslv5.0.1.g8473ede',\n 'rpm-devel-4.11.3-25.el7.cgslv5.0.1.g8473ede',\n 'rpm-libs-4.11.3-25.el7.cgslv5.0.1.g8473ede',\n 'rpm-plugin-systemd-inhibit-4.11.3-25.el7.cgslv5.0.1.g8473ede',\n 'rpm-python-4.11.3-25.el7.cgslv5.0.1.g8473ede',\n 'rpm-sign-4.11.3-25.el7.cgslv5.0.1.g8473ede'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rpm');\n}\n\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-13T14:53:43", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - Add missing files in /usr/share/doc/\n\n - Fix warning when applying the patch for #1163057\n\n - Fix race condidition where unchecked data is exposed in the file system (CVE-2013-6435)(#1163057)\n\n - Fix segfault on rpmdb addition when header unload fails (#706935)\n\n - Fix segfault on invalid OpenPGP packet (#743203)\n\n - Account for excludes and hardlinks wrt payload max size (#716853)\n\n - Fix payload size tag generation on big-endian systems (#648516)\n\n - Track all install failures within a transaction (#671194)\n\n - fix changelog (bug #707677 is actually #808547)\n\n - Document -D and -E options in man page (#814602)\n\n - Require matching arch for freshen on colored transactions (#813282)\n\n - Add DWARF 3 and 4 support to debugedit (#808547)\n\n - No longer add \\n to group tag in Python bindings (#783451)\n\n - Fix typos in Japanese rpm man page (#760552)\n\n - Bump Geode compatibility up to i686 (#620570)\n\n - Proper region tag validation on package/header read (CVE-2012-0060)\n\n - Double-check region size against header size 
(CVE-2012-0061)\n\n - Validate negated offsets too in headerVerifyInfo (CVE-2012-0815)\n\n - Revert fix for #740291, too many packages rely on the broken behavior\n\n - Add support for XZ-compressed sources and patches to rpmbuild (#620674)\n\n - Avoid unnecessary assert-death when closing NULL fd (#573043)\n\n - Add scriptlet error notification callbacks (#533831)\n\n - Honor --noscripts for pre- and posttrans scriptlets too (#740345)\n\n - Avoid bogus error on printing empty ds from python (#628883)\n\n - File conflicts correctness & consistency fixes (#740291)\n\n - Create the directory used for transaction lock if necessary (#510469)\n\n - Only enforce default umask during transaction (#673821)\n\n - fix thinko in the CVE backport\n\n - fix CVE-2011-3378 (#742157)\n\n - accept windows cr/lf line endings in gpg keys (#530212)\n\n - Backport multilib ordering fixes from rpm 4.8.x (#641892)", "cvss3": {}, "published": "2016-06-22T00:00:00", "type": "nessus", "title": "OracleVM 3.2 : rpm (OVMSA-2016-0077)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378", "CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815", "CVE-2013-6435"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:popt", "p-cpe:/a:oracle:vm:rpm", "p-cpe:/a:oracle:vm:rpm-libs", "p-cpe:/a:oracle:vm:rpm-python", "cpe:/o:oracle:vm_server:3.2"], "id": "ORACLEVM_OVMSA-2016-0077.NASL", "href": "https://www.tenable.com/plugins/nessus/91753", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable 
Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2016-0077.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91753);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-3378\", \"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\", \"CVE-2013-6435\");\n script_bugtraq_id(49799, 52865, 71558);\n\n script_name(english:\"OracleVM 3.2 : rpm (OVMSA-2016-0077)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Add missing files in /usr/share/doc/\n\n - Fix warning when applying the patch for #1163057\n\n - Fix race condidition where unchecked data is exposed in\n the file system (CVE-2013-6435)(#1163057)\n\n - Fix segfault on rpmdb addition when header unload fails\n (#706935)\n\n - Fix segfault on invalid OpenPGP packet (#743203)\n\n - Account for excludes and hardlinks wrt payload max size\n (#716853)\n\n - Fix payload size tag generation on big-endian systems\n (#648516)\n\n - Track all install failures within a transaction\n (#671194)\n\n - fix changelog (bug #707677 is actually #808547)\n\n - Document -D and -E options in man page (#814602)\n\n - Require matching arch for freshen on colored\n transactions (#813282)\n\n - Add DWARF 3 and 4 support to debugedit (#808547)\n\n - No longer add \\n to group tag in Python bindings\n (#783451)\n\n - Fix typos in Japanese rpm man page (#760552)\n\n - Bump Geode compatibility up to i686 (#620570)\n\n - Proper region tag validation on package/header read\n (CVE-2012-0060)\n\n - 
Double-check region size against header size\n (CVE-2012-0061)\n\n - Validate negated offsets too in headerVerifyInfo\n (CVE-2012-0815)\n\n - Revert fix for #740291, too many packages rely on the\n broken behavior\n\n - Add support for XZ-compressed sources and patches to\n rpmbuild (#620674)\n\n - Avoid unnecessary assert-death when closing NULL fd\n (#573043)\n\n - Add scriptlet error notification callbacks (#533831)\n\n - Honor --noscripts for pre- and posttrans scriptlets too\n (#740345)\n\n - Avoid bogus error on printing empty ds from python\n (#628883)\n\n - File conflicts correctness & consistency fixes (#740291)\n\n - Create the directory used for transaction lock if\n necessary (#510469)\n\n - Only enforce default umask during transaction (#673821)\n\n - fix thinko in the CVE backport\n\n - fix CVE-2011-3378 (#742157)\n\n - accept windows cr/lf line endings in gpg keys (#530212)\n\n - Backport multilib ordering fixes from rpm 4.8.x\n (#641892)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2016-June/000492.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.2\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! 
preg(pattern:\"^OVS\" + \"3\\.2\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.2\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.2\", reference:\"popt-1.10.2.3-36.0.1.el5_11\")) flag++;\nif (rpm_check(release:\"OVS3.2\", reference:\"rpm-4.4.2.3-36.0.1.el5_11\")) flag++;\nif (rpm_check(release:\"OVS3.2\", reference:\"rpm-libs-4.4.2.3-36.0.1.el5_11\")) flag++;\nif (rpm_check(release:\"OVS3.2\", reference:\"rpm-python-4.4.2.3-36.0.1.el5_11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-libs / rpm-python\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:25:43", "description": "The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nMultiple flaws were found in the way RPM parsed package file headers.\nAn attacker could create a specially crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library (such as the rpm command line tool, or the yum and up2date package managers) to crash or, potentially, execute arbitrary code. 
(CVE-2012-0060, CVE-2012-0061, CVE-2012-0815)\n\nNote: Although an RPM package can, by design, execute arbitrary code when installed, this issue would allow a specially crafted RPM package to execute arbitrary code before its digital signature has been verified.\n\nAll RPM users should upgrade to these updated packages, which contain a backported patch to correct these issues. All running applications linked against the RPM library must be restarted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : rpm on SL5.x, SL6.x i386/x86_64 (20120403)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:popt", "p-cpe:/a:fermilab:scientific_linux:rpm", "p-cpe:/a:fermilab:scientific_linux:rpm-apidocs", "p-cpe:/a:fermilab:scientific_linux:rpm-build", "p-cpe:/a:fermilab:scientific_linux:rpm-cron", "p-cpe:/a:fermilab:scientific_linux:rpm-debuginfo", "p-cpe:/a:fermilab:scientific_linux:rpm-devel", "p-cpe:/a:fermilab:scientific_linux:rpm-libs", "p-cpe:/a:fermilab:scientific_linux:rpm-python", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120403_RPM_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61294", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific 
Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61294);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n\n script_name(english:\"Scientific Linux Security Update : rpm on SL5.x, SL6.x i386/x86_64 (20120403)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The RPM Package Manager (RPM) is a command-line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nMultiple flaws were found in the way RPM parsed package file headers.\nAn attacker could create a specially crafted RPM package that, when\nits package header was accessed, or during package signature\nverification, could cause an application using the RPM library (such\nas the rpm command line tool, or the yum and up2date package managers)\nto crash or, potentially, execute arbitrary code. (CVE-2012-0060,\nCVE-2012-0061, CVE-2012-0815)\n\nNote: Although an RPM package can, by design, execute arbitrary code\nwhen installed, this issue would allow a specially crafted RPM package\nto execute arbitrary code before its digital signature has been\nverified.\n\nAll RPM users should upgrade to these updated packages, which contain\na backported patch to correct these issues. 
All running applications\nlinked against the RPM library must be restarted for this update to\ntake effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1204&L=scientific-linux-errata&T=0&P=190\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f3fd3181\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rpm-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rpm-cron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, 
Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"popt-1.10.2.3-28.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-4.4.2.3-28.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-apidocs-4.4.2.3-28.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-build-4.4.2.3-28.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-debuginfo-4.4.2.3-28.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-devel-4.4.2.3-28.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-libs-4.4.2.3-28.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-python-4.4.2.3-28.el5_8\")) flag++;\n\nif (rpm_check(release:\"SL6\", 
reference:\"rpm-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-apidocs-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-build-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-cron-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-debuginfo-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-devel-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-libs-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-python-4.8.0-19.el6_2.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-apidocs / rpm-build / rpm-cron / rpm-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:23", "description": "From Red Hat Security Advisory 2012:0451 :\n\nUpdated rpm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6; Red Hat Enterprise Linux 3 and 4 Extended Life Cycle Support; Red Hat Enterprise Linux 5.3 Long Life; and Red Hat Enterprise Linux 5.6, 6.0 and 6.1 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. 
Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nMultiple flaws were found in the way RPM parsed package file headers.\nAn attacker could create a specially crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library (such as the rpm command line tool, or the yum and up2date package managers) to crash or, potentially, execute arbitrary code. (CVE-2012-0060, CVE-2012-0061, CVE-2012-0815)\n\nNote: Although an RPM package can, by design, execute arbitrary code when installed, this issue would allow a specially crafted RPM package to execute arbitrary code before its digital signature has been verified. Package downloads from the Red Hat Network are protected by the use of a secure HTTPS connection in addition to the RPM package signature checks.\n\nAll RPM users should upgrade to these updated packages, which contain a backported patch to correct these issues. 
All running applications linked against the RPM library must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 / 6 : rpm (ELSA-2012-0451)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:popt", "p-cpe:/a:oracle:linux:rpm", "p-cpe:/a:oracle:linux:rpm-apidocs", "p-cpe:/a:oracle:linux:rpm-build", "p-cpe:/a:oracle:linux:rpm-cron", "p-cpe:/a:oracle:linux:rpm-devel", "p-cpe:/a:oracle:linux:rpm-libs", "p-cpe:/a:oracle:linux:rpm-python", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2012-0451.NASL", "href": "https://www.tenable.com/plugins/nessus/68505", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0451 and \n# Oracle Linux Security Advisory ELSA-2012-0451 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68505);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_bugtraq_id(52865);\n script_xref(name:\"RHSA\", value:\"2012:0451\");\n\n script_name(english:\"Oracle Linux 4 / 5 / 6 : rpm 
(ELSA-2012-0451)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0451 :\n\nUpdated rpm packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6; Red Hat Enterprise\nLinux 3 and 4 Extended Life Cycle Support; Red Hat Enterprise Linux\n5.3 Long Life; and Red Hat Enterprise Linux 5.6, 6.0 and 6.1 Extended\nUpdate Support.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe RPM Package Manager (RPM) is a command-line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nMultiple flaws were found in the way RPM parsed package file headers.\nAn attacker could create a specially crafted RPM package that, when\nits package header was accessed, or during package signature\nverification, could cause an application using the RPM library (such\nas the rpm command line tool, or the yum and up2date package managers)\nto crash or, potentially, execute arbitrary code. (CVE-2012-0060,\nCVE-2012-0061, CVE-2012-0815)\n\nNote: Although an RPM package can, by design, execute arbitrary code\nwhen installed, this issue would allow a specially crafted RPM package\nto execute arbitrary code before its digital signature has been\nverified. 
Package downloads from the Red Hat Network are protected by\nthe use of a secure HTTPS connection in addition to the RPM package\nsignature checks.\n\nAll RPM users should upgrade to these updated packages, which contain\na backported patch to correct these issues. All running applications\nlinked against the RPM library must be restarted for this update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-April/002731.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-April/002732.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-April/002754.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-cron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-python\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"popt-1.9.1-36_nonptl.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-4.3.3-36_nonptl.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-build-4.3.3-36_nonptl.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-devel-4.3.3-36_nonptl.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-libs-4.3.3-36_nonptl.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-python-4.3.3-36_nonptl.el4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"popt-1.10.2.3-28.0.1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-4.4.2.3-28.0.1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-apidocs-4.4.2.3-28.0.1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-build-4.4.2.3-28.0.1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-devel-4.4.2.3-28.0.1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-libs-4.4.2.3-28.0.1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-python-4.4.2.3-28.0.1.el5_8\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"rpm-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"rpm-apidocs-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"rpm-build-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"rpm-cron-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"rpm-devel-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"EL6\", 
reference:\"rpm-libs-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"rpm-python-4.8.0-19.el6_2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-apidocs / rpm-build / rpm-cron / rpm-devel / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:38:22", "description": "Multiple security vulnerabilities were reported in RPM which could have been exploited via specially crafted RPM files to cause a denial of service (application crash) or potentially allow attackers to execute arbitrary code.\n\nAdditionally, a non-security issue has been fixed that could have caused a division by zero in cycles calculation under rare circumstances.", "cvss3": {}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11.2 Security Update : RPM (SAT Patch Number 6191)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:popt", "p-cpe:/a:novell:suse_linux:11:popt-32bit", "p-cpe:/a:novell:suse_linux:11:rpm", "p-cpe:/a:novell:suse_linux:11:rpm-32bit", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_POPT-120420.NASL", "href": 
"https://www.tenable.com/plugins/nessus/64214", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64214);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n\n script_name(english:\"SuSE 11.2 Security Update : RPM (SAT Patch Number 6191)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security vulnerabilities were reported in RPM which could\nhave been exploited via specially crafted RPM files to cause a denial\nof service (application crash) or potentially allow attackers to\nexecute arbitrary code.\n\nAdditionally, a non-security issue has been fixed that could have\ncaused a division by zero in cycles calculation under rare\ncircumstances.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=747225\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754281\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0060.html\"\n );\n script_set_attribute(\n 
attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0061.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0815.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6191.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:popt-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:rpm-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu 
&& \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"popt-1.7-37.50.6\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"rpm-4.4.2.3-37.50.6\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"popt-1.7-37.50.6\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"popt-32bit-1.7-37.50.6\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"rpm-4.4.2.3-37.50.6\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"rpm-32bit-4.4.2.3-37.50.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"popt-1.7-37.50.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"rpm-4.4.2.3-37.50.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"popt-32bit-1.7-37.50.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"rpm-32bit-4.4.2.3-37.50.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"popt-32bit-1.7-37.50.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"rpm-32bit-4.4.2.3-37.50.6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:34:34", "description": "specially crafted signature headers could crash rpm", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : rpm / rpm-python (openSUSE-SU-2012:0588-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, 
"obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:rpm", "p-cpe:/a:novell:opensuse:rpm-32bit", "p-cpe:/a:novell:opensuse:rpm-debuginfo", "p-cpe:/a:novell:opensuse:rpm-debuginfo-32bit", "p-cpe:/a:novell:opensuse:rpm-debugsource", "p-cpe:/a:novell:opensuse:rpm-devel", "p-cpe:/a:novell:opensuse:rpm-python", "p-cpe:/a:novell:opensuse:rpm-python-debuginfo", "p-cpe:/a:novell:opensuse:rpm-python-debugsource", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2012-259.NASL", "href": "https://www.tenable.com/plugins/nessus/74614", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-259.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74614);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n\n script_name(english:\"openSUSE Security Update : rpm / rpm-python (openSUSE-SU-2012:0588-1)\");\n script_summary(english:\"Check for the openSUSE-2012-259 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"specially crafted signature headers could crash 
rpm\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=714724\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=728682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=741543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754281\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=756087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-05/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rpm / rpm-python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-debugsource\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:opensuse:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-python-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rpm-4.9.1.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rpm-debuginfo-4.9.1.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rpm-debugsource-4.9.1.2-4.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE12.1\", reference:\"rpm-devel-4.9.1.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rpm-python-4.9.1.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rpm-python-debuginfo-4.9.1.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"rpm-python-debugsource-4.9.1.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"rpm-32bit-4.9.1.2-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"rpm-debuginfo-32bit-4.9.1.2-4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm-python / rpm-python-debuginfo / rpm-python-debugsource / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:23:09", "description": "This update fixes various input-validation issues in rpm:\nCVE-2012-0060, CVE-2012-0061 and CVE-2012-0815\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "nessus", "title": "Fedora 15 : rpm-4.9.1.3-1.fc15 (2012-5420)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rpm", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-5420.NASL", "href": "https://www.tenable.com/plugins/nessus/58820", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5420.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58820);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_bugtraq_id(52865);\n script_xref(name:\"FEDORA\", value:\"2012-5420\");\n\n script_name(english:\"Fedora 15 : rpm-4.9.1.3-1.fc15 (2012-5420)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various input-validation issues in 
rpm:\nCVE-2012-0060, CVE-2012-0061 and CVE-2012-0815\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=744104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=744858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=798585\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6bc155f3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", 
\"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"rpm-4.9.1.3-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:28:22", "description": "Multiple security vulnerabilities were reported in RPM which could have been exploited via specially crafted RPM files to cause a denial of service (application crash) or potentially allow attackers to execute arbitrary code.\n\nAdditionally, a non-security issue was fixed that could cause a division by zero in cycles calculation under rare circumstances.", "cvss3": {}, "published": "2012-07-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : RPM (ZYPP Patch Number 8184)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 
8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_POPT-8184.NASL", "href": "https://www.tenable.com/plugins/nessus/59984", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59984);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n\n script_name(english:\"SuSE 10 Security Update : RPM (ZYPP Patch Number 8184)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security vulnerabilities were reported in RPM which could\nhave been exploited via specially crafted RPM files to cause a denial\nof service (application crash) or potentially allow attackers to\nexecute arbitrary code.\n\nAdditionally, a non-security issue was fixed that could cause a\ndivision by zero in cycles calculation under rare circumstances.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0060.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"http://support.novell.com/security/cve/CVE-2012-0061.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0815.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8184.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"i586\", reference:\"popt-1.7-271.46.16\")) flag++;\nif 
(rpm_check(release:\"SLED10\", sp:4, cpu:\"i586\", reference:\"popt-devel-1.7-271.46.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"i586\", reference:\"rpm-4.4.2-43.46.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"i586\", reference:\"rpm-devel-4.4.2-43.46.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"i586\", reference:\"rpm-python-4.4.2-43.46.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"popt-1.7-271.46.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"popt-devel-1.7-271.46.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"rpm-4.4.2-43.46.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"rpm-devel-4.4.2-43.46.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"rpm-python-4.4.2-43.46.16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:22:52", "description": "Updated rpm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6; Red Hat Enterprise Linux 3 and 4 Extended Life Cycle Support; Red Hat Enterprise Linux 5.3 Long Life; and Red Hat Enterprise Linux 5.6, 6.0 and 6.1 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. 
Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nMultiple flaws were found in the way RPM parsed package file headers.\nAn attacker could create a specially crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library (such as the rpm command line tool, or the yum and up2date package managers) to crash or, potentially, execute arbitrary code. (CVE-2012-0060, CVE-2012-0061, CVE-2012-0815)\n\nNote: Although an RPM package can, by design, execute arbitrary code when installed, this issue would allow a specially crafted RPM package to execute arbitrary code before its digital signature has been verified. Package downloads from the Red Hat Network are protected by the use of a secure HTTPS connection in addition to the RPM package signature checks.\n\nAll RPM users should upgrade to these updated packages, which contain a backported patch to correct these issues. 
All running applications linked against the RPM library must be restarted for this update to take effect.", "cvss3": {}, "published": "2012-04-04T00:00:00", "type": "nessus", "title": "CentOS 5 / 6 : rpm (CESA-2012:0451)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:popt", "p-cpe:/a:centos:centos:rpm", "p-cpe:/a:centos:centos:rpm-apidocs", "p-cpe:/a:centos:centos:rpm-build", "p-cpe:/a:centos:centos:rpm-cron", "p-cpe:/a:centos:centos:rpm-devel", "p-cpe:/a:centos:centos:rpm-libs", "p-cpe:/a:centos:centos:rpm-python", "cpe:/o:centos:centos:5", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2012-0451.NASL", "href": "https://www.tenable.com/plugins/nessus/58584", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0451 and \n# CentOS Errata and Security Advisory 2012:0451 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58584);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_bugtraq_id(52865);\n script_xref(name:\"RHSA\", value:\"2012:0451\");\n\n script_name(english:\"CentOS 5 / 6 : rpm (CESA-2012:0451)\");\n 
script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated rpm packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6; Red Hat Enterprise\nLinux 3 and 4 Extended Life Cycle Support; Red Hat Enterprise Linux\n5.3 Long Life; and Red Hat Enterprise Linux 5.6, 6.0 and 6.1 Extended\nUpdate Support.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe RPM Package Manager (RPM) is a command-line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nMultiple flaws were found in the way RPM parsed package file headers.\nAn attacker could create a specially crafted RPM package that, when\nits package header was accessed, or during package signature\nverification, could cause an application using the RPM library (such\nas the rpm command line tool, or the yum and up2date package managers)\nto crash or, potentially, execute arbitrary code. (CVE-2012-0060,\nCVE-2012-0061, CVE-2012-0815)\n\nNote: Although an RPM package can, by design, execute arbitrary code\nwhen installed, this issue would allow a specially crafted RPM package\nto execute arbitrary code before its digital signature has been\nverified. Package downloads from the Red Hat Network are protected by\nthe use of a secure HTTPS connection in addition to the RPM package\nsignature checks.\n\nAll RPM users should upgrade to these updated packages, which contain\na backported patch to correct these issues. 
All running applications\nlinked against the RPM library must be restarted for this update to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-April/018549.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1642dc56\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-April/018550.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2bb532a2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-0060\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-cron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/04\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"popt-1.10.2.3-28.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-4.4.2.3-28.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-apidocs-4.4.2.3-28.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-build-4.4.2.3-28.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-devel-4.4.2.3-28.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-libs-4.4.2.3-28.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-python-4.4.2.3-28.el5_8\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"rpm-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"rpm-apidocs-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"rpm-build-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"rpm-cron-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"rpm-devel-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"rpm-libs-4.8.0-19.el6_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"rpm-python-4.8.0-19.el6_2.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-apidocs / rpm-build / rpm-cron / rpm-devel / etc\");\n}\n", "cvss": {"score": 6.8, 
"vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:23:11", "description": "This update fixes various input-validation issues in rpm:\nCVE-2012-0060, CVE-2012-0061 and CVE-2012-0815\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-04-12T00:00:00", "type": "nessus", "title": "Fedora 17 : rpm-4.9.1.3-1.fc17 (2012-5298)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rpm", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-5298.NASL", "href": "https://www.tenable.com/plugins/nessus/58712", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5298.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58712);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_bugtraq_id(52865);\n script_xref(name:\"FEDORA\", value:\"2012-5298\");\n\n script_name(english:\"Fedora 17 : rpm-4.9.1.3-1.fc17 
(2012-5298)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various input-validation issues in rpm:\nCVE-2012-0060, CVE-2012-0061 and CVE-2012-0815\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=744104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=744858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=798585\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?db98db72\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/12\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"rpm-4.9.1.3-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:23:30", "description": "Multiple security vulnerabilities were reported in RPM which could have been exploited via specially crafted RPM files to cause a denial of service (application crash) or potentially allow attackers to execute arbitrary code.\n\nAdditionally, a 
non-security issue was fixed that could cause a division by zero in cycles calculation under rare circumstances.", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : popt (ZYPP Patch Number 8093)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_POPT-8093.NASL", "href": "https://www.tenable.com/plugins/nessus/59164", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59164);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n\n script_name(english:\"SuSE 10 Security Update : popt (ZYPP Patch Number 8093)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security vulnerabilities were reported in RPM which could\nhave been exploited via specially crafted RPM files to cause a denial\nof service (application crash) or potentially allow attackers to\nexecute arbitrary 
code.\n\nAdditionally, a non-security issue was fixed that could cause a\ndivision by zero in cycles calculation under rare circumstances.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0060.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0061.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0815.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8093.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"popt-1.7-271.46.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"popt-32bit-1.7-271.46.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"popt-devel-1.7-271.46.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"popt-devel-32bit-1.7-271.46.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"rpm-4.4.2-43.46.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"rpm-devel-4.4.2-43.46.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"rpm-python-4.4.2-43.46.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"popt-1.7-271.46.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"popt-32bit-1.7-271.46.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"popt-devel-1.7-271.46.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", 
reference:\"popt-devel-32bit-1.7-271.46.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"rpm-4.4.2-43.46.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"rpm-devel-4.4.2-43.46.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"rpm-python-4.4.2-43.46.16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:38:24", "description": "Multiple security vulnerabilities were reported in RPM which could be exploited via specially crafted RPM files to cause a denial of service (application crash) or potentially allow attackers to execute arbitrary code.\n\nAdditionally, a non-security issue was fixed that could cause a division by zero in cycles calculation under rare circumstances.", "cvss3": {}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : RPM (SAT Patch Number 6186)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:popt", "p-cpe:/a:novell:suse_linux:11:popt-32bit", "p-cpe:/a:novell:suse_linux:11:rpm", "p-cpe:/a:novell:suse_linux:11:rpm-32bit", "cpe:/o:novell:suse_linux:11"], "id": 
"SUSE_11_POPT-120419.NASL", "href": "https://www.tenable.com/plugins/nessus/64213", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64213);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n\n script_name(english:\"SuSE 11.1 Security Update : RPM (SAT Patch Number 6186)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security vulnerabilities were reported in RPM which could be\nexploited via specially crafted RPM files to cause a denial of service\n(application crash) or potentially allow attackers to execute\narbitrary code.\n\nAdditionally, a non-security issue was fixed that could cause a\ndivision by zero in cycles calculation under rare circumstances.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=747225\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754281\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0060.html\"\n );\n 
script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0061.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0815.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6186.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:popt-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:rpm-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" 
&& \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"popt-1.7-37.29.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"rpm-4.4.2.3-37.29.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"popt-1.7-37.29.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"popt-32bit-1.7-37.29.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"rpm-4.4.2.3-37.29.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"rpm-32bit-4.4.2.3-37.29.33.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"popt-1.7-37.29.33.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"rpm-4.4.2.3-37.29.33.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"popt-32bit-1.7-37.29.33.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"rpm-32bit-4.4.2.3-37.29.33.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"popt-32bit-1.7-37.29.33.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"rpm-32bit-4.4.2.3-37.29.33.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:23:12", "description": "This update fixes various input-validation issues in rpm:\nCVE-2012-0060, CVE-2012-0061 and CVE-2012-0815\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-04-23T00:00:00", "type": "nessus", "title": "Fedora 16 : rpm-4.9.1.3-1.fc16 (2012-5421)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rpm", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-5421.NASL", "href": "https://www.tenable.com/plugins/nessus/58821", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5421.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58821);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_bugtraq_id(52865);\n script_xref(name:\"FEDORA\", value:\"2012-5421\");\n\n script_name(english:\"Fedora 16 : rpm-4.9.1.3-1.fc16 (2012-5421)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various input-validation issues in 
rpm:\nCVE-2012-0060, CVE-2012-0061 and CVE-2012-0815\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=744104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=744858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=798585\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?17d8f848\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", 
\"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"rpm-4.9.1.3-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:59:30", "description": "Multiple flaws were found in the way RPM parsed package file headers.\nAn attacker could create a specially crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library (such as the rpm command line tool, or the yum and up2date package managers) to crash or, potentially, execute arbitrary code. 
(CVE-2012-0060 , CVE-2012-0061 , CVE-2012-0815)", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : rpm (ALAS-2012-61)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:rpm", "p-cpe:/a:amazon:linux:rpm-apidocs", "p-cpe:/a:amazon:linux:rpm-build", "p-cpe:/a:amazon:linux:rpm-cron", "p-cpe:/a:amazon:linux:rpm-debuginfo", "p-cpe:/a:amazon:linux:rpm-devel", "p-cpe:/a:amazon:linux:rpm-libs", "p-cpe:/a:amazon:linux:rpm-python", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-61.NASL", "href": "https://www.tenable.com/plugins/nessus/69668", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-61.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69668);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-0060\");\n script_xref(name:\"ALAS\", value:\"2012-61\");\n script_xref(name:\"RHSA\", value:\"2012:0451\");\n\n script_name(english:\"Amazon Linux AMI : rpm (ALAS-2012-61)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple 
flaws were found in the way RPM parsed package file headers.\nAn attacker could create a specially crafted RPM package that, when\nits package header was accessed, or during package signature\nverification, could cause an application using the RPM library (such\nas the rpm command line tool, or the yum and up2date package managers)\nto crash or, potentially, execute arbitrary code. (CVE-2012-0060 ,\nCVE-2012-0061 , CVE-2012-0815)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-61.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update rpm' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-cron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n 
script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"rpm-4.8.0-19.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-apidocs-4.8.0-19.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-build-4.8.0-19.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-cron-4.8.0-19.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-debuginfo-4.8.0-19.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-devel-4.8.0-19.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-libs-4.8.0-19.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-python-4.8.0-19.38.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm / rpm-apidocs / rpm-build / rpm-cron / rpm-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": 
"2023-01-11T14:22:55", "description": "Updated rpm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6; Red Hat Enterprise Linux 3 and 4 Extended Life Cycle Support; Red Hat Enterprise Linux 5.3 Long Life; and Red Hat Enterprise Linux 5.6, 6.0 and 6.1 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nMultiple flaws were found in the way RPM parsed package file headers.\nAn attacker could create a specially crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library (such as the rpm command line tool, or the yum and up2date package managers) to crash or, potentially, execute arbitrary code. (CVE-2012-0060, CVE-2012-0061, CVE-2012-0815)\n\nNote: Although an RPM package can, by design, execute arbitrary code when installed, this issue would allow a specially crafted RPM package to execute arbitrary code before its digital signature has been verified. Package downloads from the Red Hat Network are protected by the use of a secure HTTPS connection in addition to the RPM package signature checks.\n\nAll RPM users should upgrade to these updated packages, which contain a backported patch to correct these issues. 
All running applications linked against the RPM library must be restarted for this update to take effect.", "cvss3": {}, "published": "2012-04-04T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 / 6 : rpm (RHSA-2012:0451)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:popt", "p-cpe:/a:redhat:enterprise_linux:rpm", "p-cpe:/a:redhat:enterprise_linux:rpm-apidocs", "p-cpe:/a:redhat:enterprise_linux:rpm-build", "p-cpe:/a:redhat:enterprise_linux:rpm-cron", "p-cpe:/a:redhat:enterprise_linux:rpm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:rpm-devel", "p-cpe:/a:redhat:enterprise_linux:rpm-libs", "p-cpe:/a:redhat:enterprise_linux:rpm-python", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3", "cpe:/o:redhat:enterprise_linux:5.6", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.1", "cpe:/o:redhat:enterprise_linux:6.2"], "id": "REDHAT-RHSA-2012-0451.NASL", "href": "https://www.tenable.com/plugins/nessus/58586", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0451. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58586);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_bugtraq_id(52865);\n script_xref(name:\"RHSA\", value:\"2012:0451\");\n\n script_name(english:\"RHEL 4 / 5 / 6 : rpm (RHSA-2012:0451)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated rpm packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6; Red Hat Enterprise\nLinux 3 and 4 Extended Life Cycle Support; Red Hat Enterprise Linux\n5.3 Long Life; and Red Hat Enterprise Linux 5.6, 6.0 and 6.1 Extended\nUpdate Support.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe RPM Package Manager (RPM) is a command-line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nMultiple flaws were found in the way RPM parsed package file headers.\nAn attacker could create a specially crafted RPM package that, when\nits package header was accessed, or during package signature\nverification, could cause an application using the RPM library (such\nas the rpm command line tool, or the yum and up2date package managers)\nto crash or, potentially, execute arbitrary code. 
(CVE-2012-0060,\nCVE-2012-0061, CVE-2012-0815)\n\nNote: Although an RPM package can, by design, execute arbitrary code\nwhen installed, this issue would allow a specially crafted RPM package\nto execute arbitrary code before its digital signature has been\nverified. Package downloads from the Red Hat Network are protected by\nthe use of a secure HTTPS connection in addition to the RPM package\nsignature checks.\n\nAll RPM users should upgrade to these updated packages, which contain\na backported patch to correct these issues. All running applications\nlinked against the RPM library must be restarted for this update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0451\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0815\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0060\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0061\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-build\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-cron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0451\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{ sp = get_kb_item(\"Host/RedHat/minor_release\");\n if (isnull(sp)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\n\n flag = 0;\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"popt-1.9.1-36_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", 
reference:\"popt-1.9.1-36_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"rpm-4.3.3-36_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"rpm-4.3.3-36_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"rpm-build-4.3.3-36_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"rpm-build-4.3.3-36_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"rpm-devel-4.3.3-36_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"rpm-devel-4.3.3-36_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"rpm-libs-4.3.3-36_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"rpm-libs-4.3.3-36_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"rpm-python-4.3.3-36_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"rpm-python-4.3.3-36_nonptl.el4\")) flag++;\n\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", reference:\"popt-1.10.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", reference:\"popt-1.10.2.3-28.el5_8\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i386\", reference:\"rpm-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"rpm-4.4.2.3-28.el5_8\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"s390x\", reference:\"rpm-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"rpm-4.4.2.3-28.el5_8\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"rpm-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"rpm-4.4.2.3-28.el5_8\")) 
flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i386\", reference:\"rpm-apidocs-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"rpm-apidocs-4.4.2.3-28.el5_8\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"s390x\", reference:\"rpm-apidocs-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"rpm-apidocs-4.4.2.3-28.el5_8\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"rpm-apidocs-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"rpm-apidocs-4.4.2.3-28.el5_8\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i386\", reference:\"rpm-build-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"rpm-build-4.4.2.3-28.el5_8\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"s390x\", reference:\"rpm-build-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"rpm-build-4.4.2.3-28.el5_8\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"rpm-build-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"rpm-build-4.4.2.3-28.el5_8\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", reference:\"rpm-devel-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", reference:\"rpm-devel-4.4.2.3-28.el5_8\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", reference:\"rpm-libs-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", reference:\"rpm-libs-4.4.2.3-28.el5_8\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i386\", 
reference:\"rpm-python-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"rpm-python-4.4.2.3-28.el5_8\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"s390x\", reference:\"rpm-python-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"rpm-python-4.4.2.3-28.el5_8\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"rpm-python-4.4.2.3-22.el5_6.3\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"rpm-python-4.4.2.3-28.el5_8\")) flag++; }\n\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"i686\", reference:\"rpm-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"rpm-4.8.0-19.el6_2.1\")) flag++; }\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"rpm-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"rpm-4.8.0-19.el6_2.1\")) flag++; }\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"x86_64\", reference:\"rpm-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rpm-4.8.0-19.el6_2.1\")) flag++; }\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", reference:\"rpm-apidocs-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", reference:\"rpm-apidocs-4.8.0-19.el6_2.1\")) flag++; }\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"i686\", reference:\"rpm-build-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"rpm-build-4.8.0-19.el6_2.1\")) flag++; }\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"rpm-build-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", 
cpu:\"s390x\", reference:\"rpm-build-4.8.0-19.el6_2.1\")) flag++; }\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"x86_64\", reference:\"rpm-build-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rpm-build-4.8.0-19.el6_2.1\")) flag++; }\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", reference:\"rpm-cron-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", reference:\"rpm-cron-4.8.0-19.el6_2.1\")) flag++; }\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", reference:\"rpm-debuginfo-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", reference:\"rpm-debuginfo-4.8.0-19.el6_2.1\")) flag++; }\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", reference:\"rpm-devel-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", reference:\"rpm-devel-4.8.0-19.el6_2.1\")) flag++; }\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", reference:\"rpm-libs-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", reference:\"rpm-libs-4.8.0-19.el6_2.1\")) flag++; }\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"i686\", reference:\"rpm-python-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"rpm-python-4.8.0-19.el6_2.1\")) flag++; }\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"rpm-python-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"rpm-python-4.8.0-19.el6_2.1\")) flag++; }\n\nif (sp == \"1\") { if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"x86_64\", reference:\"rpm-python-4.8.0-16.el6_1.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rpm-python-4.8.0-19.el6_2.1\")) flag++; }\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : 
rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-apidocs / rpm-build / rpm-cron / rpm-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:22:37", "description": "Multiple flaws were found in the way RPM parsed package file headers.\nAn attacker could create a specially crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library to crash or, potentially, execute arbitrary code (CVE-2012-0060, CVE-2012-0061, CVE-2012-0815).\n\nThe updated packages have been patched to correct this issue.", "cvss3": {}, "published": "2012-04-12T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : rpm (MDVSA-2012:056)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64rpm-devel", "p-cpe:/a:mandriva:linux:lib64rpm4.6", "p-cpe:/a:mandriva:linux:librpm-devel", "p-cpe:/a:mandriva:linux:librpm4.6", "p-cpe:/a:mandriva:linux:python-rpm", "p-cpe:/a:mandriva:linux:rpm", "p-cpe:/a:mandriva:linux:rpm-build", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2012-056.NASL", "href": "https://www.tenable.com/plugins/nessus/58717", "sourceData": 
"#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:056. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58717);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n script_bugtraq_id(52865);\n script_xref(name:\"MDVSA\", value:\"2012:056\");\n\n script_name(english:\"Mandriva Linux Security Advisory : rpm (MDVSA-2012:056)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws were found in the way RPM parsed package file headers.\nAn attacker could create a specially crafted RPM package that, when\nits package header was accessed, or during package signature\nverification, could cause an application using the RPM library to\ncrash or, potentially, execute arbitrary code (CVE-2012-0060,\nCVE-2012-0061, CVE-2012-0815).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=744104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=744858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=798585\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n 
script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64rpm4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:librpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:librpm4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif 
(isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64rpm-devel-4.6.0-14.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64rpm4.6-4.6.0-14.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"librpm-devel-4.6.0-14.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"librpm4.6-4.6.0-14.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"python-rpm-4.6.0-14.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"rpm-4.6.0-14.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"rpm-build-4.6.0-14.3mnb2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:34:11", "description": "specially crafted signature headers could crash rpm", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : rpm / rpm-python (openSUSE-SU-2012:0589-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815"], "modified": "2021-01-19T00:00:00", "cpe": 
["p-cpe:/a:novell:opensuse:rpm", "p-cpe:/a:novell:opensuse:rpm-32bit", "p-cpe:/a:novell:opensuse:rpm-debuginfo", "p-cpe:/a:novell:opensuse:rpm-debuginfo-32bit", "p-cpe:/a:novell:opensuse:rpm-debugsource", "p-cpe:/a:novell:opensuse:rpm-devel", "cpe:/o:novell:opensuse:11.4"], "id": "OPENSUSE-2012-260.NASL", "href": "https://www.tenable.com/plugins/nessus/74615", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-260.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74615);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\");\n\n script_name(english:\"openSUSE Security Update : rpm / rpm-python (openSUSE-SU-2012:0589-1)\");\n script_summary(english:\"Check for the openSUSE-2012-260 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"specially crafted signature headers could crash rpm\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=654217\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754281\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-05/msg00005.html\"\n );\n script_set_attribute(\n 
attribute:\"solution\", \n value:\"Update the affected rpm / rpm-python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"rpm-4.8.0-28.41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"rpm-debuginfo-4.8.0-28.41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"rpm-debugsource-4.8.0-28.41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"rpm-devel-4.8.0-28.41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"rpm-32bit-4.8.0-28.41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"rpm-debuginfo-32bit-4.8.0-28.41.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm-32bit / rpm / rpm-debuginfo-32bit / rpm-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-05T14:35:42", "description": "- Wed Jun 30 2010 
Panu Matilainen <pmatilai at redhat.com>\n - 4.7.2-2\n\n - Fix CVE-2010-2059 (#598775) and CVE-2010-2198 (#601955)\n\n - Tue Dec 8 2009 Panu Matilainen <pmatilai at redhat.com> - 4.7.2-1\n\n - update to 4.7.2 (http://rpm.org/wiki/Releases/4.7.2)\n\n - fix posix chmod test to unbreak %fixperms macro (#543035)\n\n - avoid looking into OpenPGP subkeys (#436812)\n\n - dont fail build on unrecognized non-executable files (#532489)\n\n - fix password check result when gpg is missing (#496754)\n\n - permit python to handle 64bit integer types from headers\n\n - all header integer types are unsigned, match this in python too\n\n - return python long objects where ints are not sufficient (#531243)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-07-07T00:00:00", "type": "nessus", "title": "Fedora 12 : rpm-4.7.2-2.fc12 (2010-10617)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2059", "CVE-2010-2198"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rpm", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-10617.NASL", "href": "https://www.tenable.com/plugins/nessus/47611", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora 
Security Advisory 2010-10617.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47611);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-2059\", \"CVE-2010-2198\");\n script_bugtraq_id(40512);\n script_xref(name:\"FEDORA\", value:\"2010-10617\");\n\n script_name(english:\"Fedora 12 : rpm-4.7.2-2.fc12 (2010-10617)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Wed Jun 30 2010 Panu Matilainen <pmatilai at redhat.com>\n - 4.7.2-2\n\n - Fix CVE-2010-2059 (#598775) and CVE-2010-2198\n (#601955)\n\n - Tue Dec 8 2009 Panu Matilainen <pmatilai at\n redhat.com> - 4.7.2-1\n\n - update to 4.7.2 (http://rpm.org/wiki/Releases/4.7.2)\n\n - fix posix chmod test to unbreak %fixperms macro\n (#543035)\n\n - avoid looking into OpenPGP subkeys (#436812)\n\n - dont fail build on unrecognized non-executable files\n (#532489)\n\n - fix password check result when gpg is missing\n (#496754)\n\n - permit python to handle 64bit integer types from\n headers\n\n - all header integer types are unsigned, match this in\n python too\n\n - return python long objects where ints are not\n sufficient (#531243)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rpm.org/wiki/Releases/4.7.2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=598775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=601955\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/043749.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?76a3357c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"rpm-4.7.2-2.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:33:17", "description": "- Wed Jun 30 2010 Panu Matilainen <pmatilai at redhat.com>\n - 4.8.1-2\n\n - plug a tiny race on sbit/capability removal\n\n - Mon Jun 14 2010 Panu Matilainen <pmatilai at redhat.com> - 4.8.1-1\n\n - update to 4.8.1 (http://rpm.org/wiki/Releases/4.8.1)\n\n - drop no longer needed patches\n\n - fix source url pointing to testing directory\n\n - fixes CVE-2010-2059 / #598934\n\n - fixes #532992, 
#578299, #587755, #590588, #593553, #597835, #598988\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-07-08T00:00:00", "type": "nessus", "title": "Fedora 13 : rpm-4.8.1-2.fc13 (2010-9829)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2059", "CVE-2010-2198"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rpm", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-9829.NASL", "href": "https://www.tenable.com/plugins/nessus/47676", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-9829.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47676);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-2059\", \"CVE-2010-2198\");\n script_bugtraq_id(40512);\n script_xref(name:\"FEDORA\", value:\"2010-9829\");\n\n script_name(english:\"Fedora 13 : rpm-4.8.1-2.fc13 (2010-9829)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security 
update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Wed Jun 30 2010 Panu Matilainen <pmatilai at redhat.com>\n - 4.8.1-2\n\n - plug a tiny race on sbit/capability removal\n\n - Mon Jun 14 2010 Panu Matilainen <pmatilai at\n redhat.com> - 4.8.1-1\n\n - update to 4.8.1 (http://rpm.org/wiki/Releases/4.8.1)\n\n - drop no longer needed patches\n\n - fix source url pointing to testing directory\n\n - fixes CVE-2010-2059 / #598934\n\n - fixes #532992, #578299, #587755, #590588, #593553,\n #597835, #598988\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rpm.org/wiki/Releases/4.8.1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=598775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=601955\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/043889.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?44a54986\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"rpm-4.8.1-2.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:44:31", "description": "Several vulnerabilities have been fixed in rpm :\n\nCVE-2014-8118\n\nFix integer overflow which allowed remote attackers to execute arbitrary code.\n\nCVE-2013-6435\n\nPrevent remote attackers from executing arbitrary code via crafted RPM files.\n\nCVE-2012-0815\n\nFix denial of service and possible code execution via negative value in region offset in crafted RPM files.\n\nCVE-2012-0060 and CVE-2012-0061\n\nPrevent denial of service (crash) and possibly execute arbitrary code execution via an invalid region tag in RPM files.\n\nWe recommend that you upgrade your rpm packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-03-26T00:00:00", "type": "nessus", "title": "Debian DLA-140-1 : rpm security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0060", "CVE-2012-0061", "CVE-2012-0815", "CVE-2013-6435", "CVE-2014-8118"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:librpm-dbg", "p-cpe:/a:debian:debian_linux:librpm-dev", "p-cpe:/a:debian:debian_linux:librpm1", "p-cpe:/a:debian:debian_linux:librpmbuild1", "p-cpe:/a:debian:debian_linux:librpmio1", "p-cpe:/a:debian:debian_linux:lsb-rpm", "p-cpe:/a:debian:debian_linux:python-rpm", "p-cpe:/a:debian:debian_linux:rpm", "p-cpe:/a:debian:debian_linux:rpm-common", "p-cpe:/a:debian:debian_linux:rpm-i18n", "p-cpe:/a:debian:debian_linux:rpm2cpio", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-140.NASL", "href": "https://www.tenable.com/plugins/nessus/82123", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-140-1. 
The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82123);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0060\", \"CVE-2012-0061\", \"CVE-2012-0815\", \"CVE-2013-6435\", \"CVE-2014-8118\");\n script_bugtraq_id(52865, 71558, 71588);\n\n script_name(english:\"Debian DLA-140-1 : rpm security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been fixed in rpm :\n\nCVE-2014-8118\n\nFix integer overflow which allowed remote attackers to execute\narbitrary code.\n\nCVE-2013-6435\n\nPrevent remote attackers from executing arbitrary code via crafted RPM\nfiles.\n\nCVE-2012-0815\n\nFix denial of service and possible code execution via negative value\nin region offset in crafted RPM files.\n\nCVE-2012-0060 and CVE-2012-0061\n\nPrevent denial of service (crash) and possibly execute arbitrary code\nexecution via an invalid region tag in RPM files.\n\nWe recommend that you upgrade your rpm packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/01/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/rpm\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:librpm-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:librpm-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:librpm1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:librpmbuild1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:librpmio1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lsb-rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rpm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rpm-i18n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rpm2cpio\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"librpm-dbg\", reference:\"4.8.1-6+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"librpm-dev\", reference:\"4.8.1-6+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"librpm1\", reference:\"4.8.1-6+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"librpmbuild1\", reference:\"4.8.1-6+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"librpmio1\", reference:\"4.8.1-6+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lsb-rpm\", reference:\"4.8.1-6+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"python-rpm\", reference:\"4.8.1-6+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"rpm\", reference:\"4.8.1-6+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"rpm-common\", reference:\"4.8.1-6+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"rpm-i18n\", reference:\"4.8.1-6+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"rpm2cpio\", reference:\"4.8.1-6+squeeze2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, 
extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:34:59", "description": "Updated rpm packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nIt was discovered that RPM did not remove setuid and setgid bits set on binaries when upgrading packages. A local attacker able to create hard links to binaries could use this flaw to keep those binaries on the system, at a specific version level and with the setuid or setgid bit set, even if the package providing them was upgraded by a system administrator. This could have security implications if a package was upgraded because of a security flaw in a setuid or setgid program.\n(CVE-2010-2059)\n\nThis update also fixes the following bug :\n\n* A memory leak in the communication between RPM and the Security-Enhanced Linux (SELinux) subsystem, which could have caused extensive memory consumption. In reported cases, this issue was triggered by running rhn_check when errata were scheduled to be applied. 
(BZ#627630)\n\nAll users of rpm are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2010-09-13T00:00:00", "type": "nessus", "title": "CentOS 5 : rpm (CESA-2010:0679)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059", "CVE-2010-2199"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:popt", "p-cpe:/a:centos:centos:rpm", "p-cpe:/a:centos:centos:rpm-apidocs", "p-cpe:/a:centos:centos:rpm-build", "p-cpe:/a:centos:centos:rpm-devel", "p-cpe:/a:centos:centos:rpm-libs", "p-cpe:/a:centos:centos:rpm-python", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2010-0679.NASL", "href": "https://www.tenable.com/plugins/nessus/49204", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0679 and \n# CentOS Errata and Security Advisory 2010:0679 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49204);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-4889\", \"CVE-2010-2059\", \"CVE-2010-2199\");\n script_bugtraq_id(40512);\n script_xref(name:\"RHSA\", value:\"2010:0679\");\n\n script_name(english:\"CentOS 5 : rpm (CESA-2010:0679)\");\n script_summary(english:\"Checks rpm output for the 
updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated rpm packages that fix one security issue and one bug are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nIt was discovered that RPM did not remove setuid and setgid bits set\non binaries when upgrading packages. A local attacker able to create\nhard links to binaries could use this flaw to keep those binaries on\nthe system, at a specific version level and with the setuid or setgid\nbit set, even if the package providing them was upgraded by a system\nadministrator. This could have security implications if a package was\nupgraded because of a security flaw in a setuid or setgid program.\n(CVE-2010-2059)\n\nThis update also fixes the following bug :\n\n* A memory leak in the communication between RPM and the\nSecurity-Enhanced Linux (SELinux) subsystem, which could have caused\nextensive memory consumption. In reported cases, this issue was\ntriggered by running rhn_check when errata were scheduled to be\napplied. 
(BZ#627630)\n\nAll users of rpm are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-September/016978.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b3c1326d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-September/016979.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1e4b5e10\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"popt-1.10.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-apidocs-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-build-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-devel-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-libs-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-python-4.4.2.3-20.el5_5.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : 
SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-apidocs / rpm-build / rpm-devel / rpm-libs / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-05T14:38:01", "description": "Updated rpm packages that fix two security issues are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nIt was discovered that RPM did not remove setuid and setgid bits set on binaries when upgrading or removing packages. A local attacker able to create hard links to binaries could use this flaw to keep those binaries on the system, at a specific version level and with the setuid or setgid bit set, even if the package providing them was upgraded or removed by a system administrator. This could have security implications if a package was upgraded or removed because of a security flaw in a setuid or setgid program. 
(CVE-2005-4889, CVE-2010-2059)\n\nAll users of rpm are advised to upgrade to these updated packages, which contain a backported patch to correct these issues.", "cvss3": {}, "published": "2010-09-08T00:00:00", "type": "nessus", "title": "RHEL 4 : rpm (RHSA-2010:0678)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059", "CVE-2010-2199"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:popt", "p-cpe:/a:redhat:enterprise_linux:rpm", "p-cpe:/a:redhat:enterprise_linux:rpm-build", "p-cpe:/a:redhat:enterprise_linux:rpm-devel", "p-cpe:/a:redhat:enterprise_linux:rpm-libs", "p-cpe:/a:redhat:enterprise_linux:rpm-python", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8"], "id": "REDHAT-RHSA-2010-0678.NASL", "href": "https://www.tenable.com/plugins/nessus/49130", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0678. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49130);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-4889\", \"CVE-2010-2059\", \"CVE-2010-2199\");\n script_bugtraq_id(40512);\n script_xref(name:\"RHSA\", value:\"2010:0678\");\n\n script_name(english:\"RHEL 4 : rpm (RHSA-2010:0678)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated rpm packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nIt was discovered that RPM did not remove setuid and setgid bits set\non binaries when upgrading or removing packages. A local attacker able\nto create hard links to binaries could use this flaw to keep those\nbinaries on the system, at a specific version level and with the\nsetuid or setgid bit set, even if the package providing them was\nupgraded or removed by a system administrator. This could have\nsecurity implications if a package was upgraded or removed because of\na security flaw in a setuid or setgid program. 
(CVE-2005-4889,\nCVE-2010-2059)\n\nAll users of rpm are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-4889\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0678\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/08\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0678\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"popt-1.9.1-33_nonptl.el4_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"rpm-4.3.3-33_nonptl.el4_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"rpm-build-4.3.3-33_nonptl.el4_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"rpm-devel-4.3.3-33_nonptl.el4_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"rpm-libs-4.3.3-33_nonptl.el4_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"rpm-python-4.3.3-33_nonptl.el4_8.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-build / rpm-devel / rpm-libs / rpm-python\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:37:26", "description": "From Red Hat Security Advisory 2010:0679 :\n\nUpdated rpm 
packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nIt was discovered that RPM did not remove setuid and setgid bits set on binaries when upgrading packages. A local attacker able to create hard links to binaries could use this flaw to keep those binaries on the system, at a specific version level and with the setuid or setgid bit set, even if the package providing them was upgraded by a system administrator. This could have security implications if a package was upgraded because of a security flaw in a setuid or setgid program.\n(CVE-2010-2059)\n\nThis update also fixes the following bug :\n\n* A memory leak in the communication between RPM and the Security-Enhanced Linux (SELinux) subsystem, which could have caused extensive memory consumption. In reported cases, this issue was triggered by running rhn_check when errata were scheduled to be applied. 
(BZ#627630)\n\nAll users of rpm are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : rpm (ELSA-2010-0679)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059", "CVE-2010-2199"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:popt", "p-cpe:/a:oracle:linux:rpm", "p-cpe:/a:oracle:linux:rpm-apidocs", "p-cpe:/a:oracle:linux:rpm-build", "p-cpe:/a:oracle:linux:rpm-devel", "p-cpe:/a:oracle:linux:rpm-libs", "p-cpe:/a:oracle:linux:rpm-python", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2010-0679.NASL", "href": "https://www.tenable.com/plugins/nessus/68096", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0679 and \n# Oracle Linux Security Advisory ELSA-2010-0679 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68096);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-4889\", \"CVE-2010-2059\", \"CVE-2010-2199\");\n script_bugtraq_id(40512);\n script_xref(name:\"RHSA\", value:\"2010:0679\");\n\n script_name(english:\"Oracle Linux 5 : rpm (ELSA-2010-0679)\");\n script_summary(english:\"Checks rpm output for 
the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0679 :\n\nUpdated rpm packages that fix one security issue and one bug are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nIt was discovered that RPM did not remove setuid and setgid bits set\non binaries when upgrading packages. A local attacker able to create\nhard links to binaries could use this flaw to keep those binaries on\nthe system, at a specific version level and with the setuid or setgid\nbit set, even if the package providing them was upgraded by a system\nadministrator. This could have security implications if a package was\nupgraded because of a security flaw in a setuid or setgid program.\n(CVE-2010-2059)\n\nThis update also fixes the following bug :\n\n* A memory leak in the communication between RPM and the\nSecurity-Enhanced Linux (SELinux) subsystem, which could have caused\nextensive memory consumption. In reported cases, this issue was\ntriggered by running rhn_check when errata were scheduled to be\napplied. 
(BZ#627630)\n\nAll users of rpm are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-September/001626.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"popt-1.10.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-apidocs-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-build-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-devel-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-libs-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-python-4.4.2.3-20.el5_5.1\")) flag++;\n\n\nif (flag)\n{\n if 
(report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-apidocs / rpm-build / rpm-devel / rpm-libs / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-05T15:08:04", "description": "From Red Hat Security Advisory 2010:0678 :\n\nUpdated rpm packages that fix two security issues are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nIt was discovered that RPM did not remove setuid and setgid bits set on binaries when upgrading or removing packages. A local attacker able to create hard links to binaries could use this flaw to keep those binaries on the system, at a specific version level and with the setuid or setgid bit set, even if the package providing them was upgraded or removed by a system administrator. This could have security implications if a package was upgraded or removed because of a security flaw in a setuid or setgid program. 
(CVE-2005-4889, CVE-2010-2059)\n\nAll users of rpm are advised to upgrade to these updated packages, which contain a backported patch to correct these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : rpm (ELSA-2010-0678)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059", "CVE-2010-2199"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:popt", "p-cpe:/a:oracle:linux:rpm", "p-cpe:/a:oracle:linux:rpm-build", "p-cpe:/a:oracle:linux:rpm-devel", "p-cpe:/a:oracle:linux:rpm-libs", "p-cpe:/a:oracle:linux:rpm-python", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2010-0678.NASL", "href": "https://www.tenable.com/plugins/nessus/68095", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0678 and \n# Oracle Linux Security Advisory ELSA-2010-0678 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68095);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-4889\", \"CVE-2010-2059\", \"CVE-2010-2199\");\n script_bugtraq_id(40512);\n script_xref(name:\"RHSA\", value:\"2010:0678\");\n\n script_name(english:\"Oracle Linux 4 : rpm (ELSA-2010-0678)\");\n script_summary(english:\"Checks rpm output for the updated 
packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0678 :\n\nUpdated rpm packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nIt was discovered that RPM did not remove setuid and setgid bits set\non binaries when upgrading or removing packages. A local attacker able\nto create hard links to binaries could use this flaw to keep those\nbinaries on the system, at a specific version level and with the\nsetuid or setgid bit set, even if the package providing them was\nupgraded or removed by a system administrator. This could have\nsecurity implications if a package was upgraded or removed because of\na security flaw in a setuid or setgid program. 
(CVE-2005-4889,\nCVE-2010-2059)\n\nAll users of rpm are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-September/001627.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"popt-1.9.1-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-4.3.3-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-build-4.3.3-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-devel-4.3.3-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-libs-4.3.3-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-python-4.3.3-33_nonptl.el4_8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, 
extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-build / rpm-devel / rpm-libs / rpm-python\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-05T14:37:51", "description": "Updated rpm packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nIt was discovered that RPM did not remove setuid and setgid bits set on binaries when upgrading packages. A local attacker able to create hard links to binaries could use this flaw to keep those binaries on the system, at a specific version level and with the setuid or setgid bit set, even if the package providing them was upgraded by a system administrator. This could have security implications if a package was upgraded because of a security flaw in a setuid or setgid program.\n(CVE-2010-2059)\n\nThis update also fixes the following bug :\n\n* A memory leak in the communication between RPM and the Security-Enhanced Linux (SELinux) subsystem, which could have caused extensive memory consumption. In reported cases, this issue was triggered by running rhn_check when errata were scheduled to be applied. 
(BZ#627630)\n\nAll users of rpm are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2010-09-08T00:00:00", "type": "nessus", "title": "RHEL 5 : rpm (RHSA-2010:0679)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059", "CVE-2010-2199"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:popt", "p-cpe:/a:redhat:enterprise_linux:rpm", "p-cpe:/a:redhat:enterprise_linux:rpm-apidocs", "p-cpe:/a:redhat:enterprise_linux:rpm-build", "p-cpe:/a:redhat:enterprise_linux:rpm-devel", "p-cpe:/a:redhat:enterprise_linux:rpm-libs", "p-cpe:/a:redhat:enterprise_linux:rpm-python", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2010-0679.NASL", "href": "https://www.tenable.com/plugins/nessus/49131", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0679. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49131);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-4889\", \"CVE-2010-2059\", \"CVE-2010-2199\");\n script_bugtraq_id(40512);\n script_xref(name:\"RHSA\", value:\"2010:0679\");\n\n script_name(english:\"RHEL 5 : rpm (RHSA-2010:0679)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated rpm packages that fix one security issue and one bug are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nIt was discovered that RPM did not remove setuid and setgid bits set\non binaries when upgrading packages. A local attacker able to create\nhard links to binaries could use this flaw to keep those binaries on\nthe system, at a specific version level and with the setuid or setgid\nbit set, even if the package providing them was upgraded by a system\nadministrator. 
This could have security implications if a package was\nupgraded because of a security flaw in a setuid or setgid program.\n(CVE-2010-2059)\n\nThis update also fixes the following bug :\n\n* A memory leak in the communication between RPM and the\nSecurity-Enhanced Linux (SELinux) subsystem, which could have caused\nextensive memory consumption. In reported cases, this issue was\ntriggered by running rhn_check when errata were scheduled to be\napplied. (BZ#627630)\n\nAll users of rpm are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0679\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-python\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0679\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"popt-1.10.2.3-20.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"rpm-4.4.2.3-20.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"rpm-4.4.2.3-20.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"rpm-4.4.2.3-20.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"rpm-apidocs-4.4.2.3-20.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"rpm-apidocs-4.4.2.3-20.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"rpm-apidocs-4.4.2.3-20.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"rpm-build-4.4.2.3-20.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"rpm-build-4.4.2.3-20.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"rpm-build-4.4.2.3-20.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"rpm-devel-4.4.2.3-20.el5_5.1\")) flag++;\n if 
(rpm_check(release:\"RHEL5\", reference:\"rpm-libs-4.4.2.3-20.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"rpm-python-4.4.2.3-20.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"rpm-python-4.4.2.3-20.el5_5.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"rpm-python-4.4.2.3-20.el5_5.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-apidocs / rpm-build / rpm-devel / rpm-libs / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-05T14:38:12", "description": "Updated rpm packages that fix two security issues are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nIt was discovered that RPM did not remove setuid and setgid bits set on binaries when upgrading or removing packages. A local attacker able to create hard links to binaries could use this flaw to keep those binaries on the system, at a specific version level and with the setuid or setgid bit set, even if the package providing them was upgraded or removed by a system administrator. This could have security implications if a package was upgraded or removed because of a security flaw in a setuid or setgid program. 
(CVE-2005-4889, CVE-2010-2059)\n\nAll users of rpm are advised to upgrade to these updated packages, which contain a backported patch to correct these issues.", "cvss3": {}, "published": "2010-09-12T00:00:00", "type": "nessus", "title": "CentOS 4 : rpm (CESA-2010:0678)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-4889", "CVE-2010-2059", "CVE-2010-2199"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:popt", "p-cpe:/a:centos:centos:rpm", "p-cpe:/a:centos:centos:rpm-build", "p-cpe:/a:centos:centos:rpm-devel", "p-cpe:/a:centos:centos:rpm-libs", "p-cpe:/a:centos:centos:rpm-python", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2010-0678.NASL", "href": "https://www.tenable.com/plugins/nessus/49180", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0678 and \n# CentOS Errata and Security Advisory 2010:0678 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49180);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-4889\", \"CVE-2010-2059\", \"CVE-2010-2199\");\n script_bugtraq_id(40512);\n script_xref(name:\"RHSA\", value:\"2010:0678\");\n\n script_name(english:\"CentOS 4 : rpm (CESA-2010:0678)\");\n script_summary(english:\"Checks rpm output for the updated 
packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated rpm packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nIt was discovered that RPM did not remove setuid and setgid bits set\non binaries when upgrading or removing packages. A local attacker able\nto create hard links to binaries could use this flaw to keep those\nbinaries on the system, at a specific version level and with the\nsetuid or setgid bit set, even if the package providing them was\nupgraded or removed by a system administrator. This could have\nsecurity implications if a package was upgraded or removed because of\na security flaw in a setuid or setgid program. 
(CVE-2005-4889,\nCVE-2010-2059)\n\nAll users of rpm are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-September/016966.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b16b7d6b\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-September/016967.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?258ded1d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"popt-1.9.1-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"popt-1.9.1-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"rpm-4.3.3-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"rpm-4.3.3-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"rpm-build-4.3.3-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"rpm-build-4.3.3-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"rpm-devel-4.3.3-33_nonptl.el4_8.1\")) 
flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"rpm-devel-4.3.3-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"rpm-libs-4.3.3-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"rpm-libs-4.3.3-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"rpm-python-4.3.3-33_nonptl.el4_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"rpm-python-4.3.3-33_nonptl.el4_8.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-build / rpm-devel / rpm-libs / rpm-python\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-14T14:23:45", "description": "Updated rpm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4, 5, and 6, and Red Hat Enterprise Linux 3 Extended Life Cycle Support, 5.3 Long Life, 5.6 Extended Update Support, and 6.0 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nMultiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code. 
(CVE-2011-3378)\n\nNote: Although an RPM package can, by design, execute arbitrary code when installed, this issue would allow a specially crafted RPM package to execute arbitrary code before its digital signature has been verified. Package downloads from the Red Hat Network remain secure due to certificate checks performed on the secure connection.\n\nAll RPM users should upgrade to these updated packages, which contain a backported patch to correct these issues. All running applications linked against the RPM library must be restarted for this update to take effect.", "cvss3": {}, "published": "2011-10-04T00:00:00", "type": "nessus", "title": "CentOS 4 / 5 : rpm (CESA-2011:1349)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:popt", "p-cpe:/a:centos:centos:rpm", "p-cpe:/a:centos:centos:rpm-apidocs", "p-cpe:/a:centos:centos:rpm-build", "p-cpe:/a:centos:centos:rpm-devel", "p-cpe:/a:centos:centos:rpm-libs", "p-cpe:/a:centos:centos:rpm-python", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2011-1349.NASL", "href": "https://www.tenable.com/plugins/nessus/56380", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1349 and \n# CentOS Errata and Security Advisory 2011:1349 
respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56380);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-3378\");\n script_bugtraq_id(49799);\n script_xref(name:\"RHSA\", value:\"2011:1349\");\n\n script_name(english:\"CentOS 4 / 5 : rpm (CESA-2011:1349)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated rpm packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4, 5, and 6, and Red Hat\nEnterprise Linux 3 Extended Life Cycle Support, 5.3 Long Life, 5.6\nExtended Update Support, and 6.0 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nMultiple flaws were found in the way the RPM library parsed package\nheaders. An attacker could create a specially crafted RPM package\nthat, when queried or installed, would cause rpm to crash or,\npotentially, execute arbitrary code. (CVE-2011-3378)\n\nNote: Although an RPM package can, by design, execute arbitrary code\nwhen installed, this issue would allow a specially crafted RPM package\nto execute arbitrary code before its digital signature has been\nverified. 
Package downloads from the Red Hat Network remain secure due\nto certificate checks performed on the secure connection.\n\nAll RPM users should upgrade to these updated packages, which contain\na backported patch to correct these issues. All running applications\nlinked against the RPM library must be restarted for this update to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-November/018159.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e271676f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-November/018160.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1c545a1a\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-October/018091.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b6ff68a7\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-October/018092.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?309460ed\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-devel\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"popt-1.9.1-35_nonptl.el4_8\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"popt-1.9.1-35_nonptl.el4_8\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"rpm-4.3.3-35_nonptl.el4_8\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"rpm-4.3.3-35_nonptl.el4_8\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"rpm-build-4.3.3-35_nonptl.el4_8\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"rpm-build-4.3.3-35_nonptl.el4_8\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"rpm-devel-4.3.3-35_nonptl.el4_8\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"rpm-devel-4.3.3-35_nonptl.el4_8\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"rpm-libs-4.3.3-35_nonptl.el4_8\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"rpm-libs-4.3.3-35_nonptl.el4_8\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"rpm-python-4.3.3-35_nonptl.el4_8\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"rpm-python-4.3.3-35_nonptl.el4_8\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"popt-1.10.2.3-22.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-4.4.2.3-22.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-apidocs-4.4.2.3-22.el5_7.2\")) flag++;\nif 
(rpm_check(release:\"CentOS-5\", reference:\"rpm-build-4.4.2.3-22.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-devel-4.4.2.3-22.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-libs-4.4.2.3-22.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"rpm-python-4.4.2.3-22.el5_7.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-apidocs / rpm-build / rpm-devel / rpm-libs / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-14T14:24:17", "description": "Specially crafted rpm packages could have caused memory corruption in rpm when verifying signatures (CVE-2011-3378). This has been fixed.", "cvss3": {}, "published": "2011-11-03T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : popt (ZYPP Patch Number 7793)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_POPT-7793.NASL", "href": "https://www.tenable.com/plugins/nessus/56702", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, 
Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56702);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-3378\");\n\n script_name(english:\"SuSE 10 Security Update : popt (ZYPP Patch Number 7793)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted rpm packages could have caused memory corruption in\nrpm when verifying signatures (CVE-2011-3378). This has been fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3378.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7793.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is 
not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"popt-1.7-271.37.38.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"popt-devel-1.7-271.37.38.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"rpm-4.4.2-43.38.38.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"rpm-devel-4.4.2-43.38.38.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"rpm-python-4.4.2-43.38.38.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"popt-32bit-1.7-271.37.38.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"popt-devel-32bit-1.7-271.37.38.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-14T14:24:58", "description": "Specially crafted RPM packages could have caused memory corruption in rpm when verifying signatures (CVE-2011-3378). 
This has been fixed.", "cvss3": {}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : popt (ZYPP Patch Number 7792)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_POPT-7792.NASL", "href": "https://www.tenable.com/plugins/nessus/57241", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57241);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-3378\");\n\n script_name(english:\"SuSE 10 Security Update : popt (ZYPP Patch Number 7792)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted RPM packages could have caused memory corruption in\nrpm when verifying signatures (CVE-2011-3378). 
This has been fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3378.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7792.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"popt-1.7-271.42.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"popt-devel-1.7-271.42.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"rpm-4.4.2-43.42.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"rpm-devel-4.4.2-43.42.2\")) 
flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"rpm-python-4.4.2-43.42.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"popt-32bit-1.7-271.42.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"popt-devel-32bit-1.7-271.42.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"popt-1.7-271.42.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"popt-devel-1.7-271.42.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"rpm-4.4.2-43.42.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"rpm-devel-4.4.2-43.42.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"rpm-python-4.4.2-43.42.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"popt-32bit-1.7-271.42.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"popt-devel-32bit-1.7-271.42.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-13T15:01:01", "description": "Multiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code. 
(CVE-2011-3378)", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : rpm (ALAS-2011-14)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:rpm", "p-cpe:/a:amazon:linux:rpm-apidocs", "p-cpe:/a:amazon:linux:rpm-build", "p-cpe:/a:amazon:linux:rpm-cron", "p-cpe:/a:amazon:linux:rpm-debuginfo", "p-cpe:/a:amazon:linux:rpm-devel", "p-cpe:/a:amazon:linux:rpm-libs", "p-cpe:/a:amazon:linux:rpm-python", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2011-14.NASL", "href": "https://www.tenable.com/plugins/nessus/69573", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2011-14.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69573);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2011-3378\");\n script_xref(name:\"ALAS\", value:\"2011-14\");\n script_xref(name:\"RHSA\", value:\"2011:1349\");\n\n script_name(english:\"Amazon Linux AMI : rpm (ALAS-2011-14)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws were found in the way the RPM 
library parsed package\nheaders. An attacker could create a specially crafted RPM package\nthat, when queried or installed, would cause rpm to crash or,\npotentially, execute arbitrary code. (CVE-2011-3378)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2011-14.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update rpm' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-cron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"rpm-4.8.0-16.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-apidocs-4.8.0-16.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-build-4.8.0-16.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-cron-4.8.0-16.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-debuginfo-4.8.0-16.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-devel-4.8.0-16.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-libs-4.8.0-16.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rpm-python-4.8.0-16.36.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm / rpm-apidocs / rpm-build / rpm-cron / rpm-debuginfo / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-14T14:25:18", "description": "Specially crafted RPM packages could have caused memory corruption in rpm when verifying signatures (CVE-2011-3378). 
This has been fixed.", "cvss3": {}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : popt (SAT Patch Number 5256)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:popt", "p-cpe:/a:novell:suse_linux:11:popt-32bit", "p-cpe:/a:novell:suse_linux:11:rpm", "p-cpe:/a:novell:suse_linux:11:rpm-32bit", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_POPT-111010.NASL", "href": "https://www.tenable.com/plugins/nessus/57128", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. 
The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57128);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-3378\");\n\n script_name(english:\"SuSE 11.1 Security Update : popt (SAT Patch Number 5256)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted RPM packages could have caused memory corruption in\nrpm when verifying signatures (CVE-2011-3378). This has been fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=720824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-3378.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5256.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:popt-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:rpm-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"popt-1.7-37.29.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"rpm-4.4.2.3-37.29.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"popt-1.7-37.29.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"popt-32bit-1.7-37.29.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"rpm-4.4.2.3-37.29.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"rpm-32bit-4.4.2.3-37.29.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"popt-1.7-37.29.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"rpm-4.4.2.3-37.29.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", 
reference:\"popt-32bit-1.7-37.29.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"rpm-32bit-4.4.2.3-37.29.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"popt-32bit-1.7-37.29.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"rpm-32bit-4.4.2.3-37.29.29.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T16:33:24", "description": "Specially crafted rpm packages can cause memory corruption in rpm when verifying signatures (CVE-2011-3378).", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : rpm (openSUSE-SU-2011:1203-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:rpm", "p-cpe:/a:novell:opensuse:rpm-32bit", "p-cpe:/a:novell:opensuse:rpm-devel", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_RPM-111010.NASL", "href": "https://www.tenable.com/plugins/nessus/75726", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update rpm-5255.\n#\n# The text description of this plugin is 
(C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75726);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3378\");\n\n script_name(english:\"openSUSE Security Update : rpm (openSUSE-SU-2011:1203-1)\");\n script_summary(english:\"Check for the rpm-5255 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted rpm packages can cause memory corruption in rpm when\nverifying signatures (CVE-2011-3378).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=720824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-11/msg00001.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"rpm-4.8.0-5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"rpm-devel-4.8.0-5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"rpm-32bit-4.8.0-5.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm / rpm-32bit / rpm-devel\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-14T14:23:51", "description": "Multiple flaws were found in the way the RPM library parsed package headers. 
An attacker could create a specially crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code (CVE-2011-3378).\n\nAdditionally for Mandriva Linux 2009.0 and Mandriva Linux Enterprise Server 5 updated perl-URPM and lzma (xz v5) packages are being provided to support upgrading to Mandriva Linux 2011.\n\nThe updated packages have been patched to correct these issues.", "cvss3": {}, "published": "2011-10-06T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : rpm (MDVSA-2011:143)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64lzma-devel", "p-cpe:/a:mandriva:linux:lib64lzma5", "p-cpe:/a:mandriva:linux:lib64popt-devel", "p-cpe:/a:mandriva:linux:lib64popt0", "p-cpe:/a:mandriva:linux:lib64rpm-devel", "p-cpe:/a:mandriva:linux:lib64rpm4.4", "p-cpe:/a:mandriva:linux:lib64rpm4.6", "p-cpe:/a:mandriva:linux:liblzma-devel", "p-cpe:/a:mandriva:linux:liblzma5", "p-cpe:/a:mandriva:linux:libpopt-devel", "p-cpe:/a:mandriva:linux:libpopt0", "p-cpe:/a:mandriva:linux:librpm-devel", "p-cpe:/a:mandriva:linux:librpm4.4", "p-cpe:/a:mandriva:linux:librpm4.6", "p-cpe:/a:mandriva:linux:perl-URPM", "p-cpe:/a:mandriva:linux:popt-data", "p-cpe:/a:mandriva:linux:python-rpm", "p-cpe:/a:mandriva:linux:rpm", "p-cpe:/a:mandriva:linux:rpm-build", "p-cpe:/a:mandriva:linux:xz", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2010.1"], 
"id": "MANDRIVA_MDVSA-2011-143.NASL", "href": "https://www.tenable.com/plugins/nessus/56403", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:143. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56403);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-3378\");\n script_bugtraq_id(49799);\n script_xref(name:\"MDVSA\", value:\"2011:143\");\n\n script_name(english:\"Mandriva Linux Security Advisory : rpm (MDVSA-2011:143)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws were found in the way the RPM library parsed package\nheaders. 
An attacker could create a specially crafted RPM package\nthat, when queried or installed, would cause rpm to crash or,\npotentially, execute arbitrary code (CVE-2011-3378).\n\nAdditionally for Mandriva Linux 2009.0 and Mandriva Linux Enterprise\nServer 5 updated perl-URPM and lzma (xz v5) packages are being\nprovided to support upgrading to Mandriva Linux 2011.\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64lzma-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64lzma5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64popt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64popt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64rpm4.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64rpm4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:liblzma-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:liblzma5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpopt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpopt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:librpm-devel\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:librpm4.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:librpm4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-URPM\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:popt-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xz\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", 
cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64lzma-devel-5.0.0-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64lzma5-5.0.0-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64popt-devel-1.10.8-32.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64popt0-1.10.8-32.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64rpm-devel-4.4.2.3-20.4mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64rpm4.4-4.4.2.3-20.4mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"liblzma-devel-5.0.0-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"liblzma5-5.0.0-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpopt-devel-1.10.8-32.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpopt0-1.10.8-32.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"librpm-devel-4.4.2.3-20.4mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"librpm4.4-4.4.2.3-20.4mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"perl-URPM-3.18.2-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"popt-data-1.10.8-32.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"python-rpm-4.4.2.3-20.4mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rpm-4.4.2.3-20.4mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rpm-build-4.4.2.3-20.4mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"xz-5.0.0-0.1mdv2009.0\", yank:\"mdv\")) 
flag++;\n\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64rpm-devel-4.6.0-14.1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64rpm4.6-4.6.0-14.1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"librpm-devel-4.6.0-14.1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"librpm4.6-4.6.0-14.1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"python-rpm-4.6.0-14.1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"rpm-4.6.0-14.1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"rpm-build-4.6.0-14.1mnb2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-13T14:58:41", "description": "From Red Hat Security Advisory 2011:1349 :\n\nUpdated rpm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4, 5, and 6, and Red Hat Enterprise Linux 3 Extended Life Cycle Support, 5.3 Long Life, 5.6 Extended Update Support, and 6.0 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nMultiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code. 
(CVE-2011-3378)\n\nNote: Although an RPM package can, by design, execute arbitrary code when installed, this issue would allow a specially crafted RPM package to execute arbitrary code before its digital signature has been verified. Package downloads from the Red Hat Network remain secure due to certificate checks performed on the secure connection.\n\nAll RPM users should upgrade to these updated packages, which contain a backported patch to correct these issues. All running applications linked against the RPM library must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 / 6 : rpm (ELSA-2011-1349)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:popt", "p-cpe:/a:oracle:linux:rpm", "p-cpe:/a:oracle:linux:rpm-apidocs", "p-cpe:/a:oracle:linux:rpm-build", "p-cpe:/a:oracle:linux:rpm-cron", "p-cpe:/a:oracle:linux:rpm-devel", "p-cpe:/a:oracle:linux:rpm-libs", "p-cpe:/a:oracle:linux:rpm-python", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2011-1349.NASL", "href": "https://www.tenable.com/plugins/nessus/68363", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:1349 and \n# Oracle Linux Security Advisory 
ELSA-2011-1349 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68363);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3378\");\n script_bugtraq_id(49799);\n script_xref(name:\"RHSA\", value:\"2011:1349\");\n\n script_name(english:\"Oracle Linux 4 / 5 / 6 : rpm (ELSA-2011-1349)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:1349 :\n\nUpdated rpm packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4, 5, and 6, and Red Hat\nEnterprise Linux 3 Extended Life Cycle Support, 5.3 Long Life, 5.6\nExtended Update Support, and 6.0 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nMultiple flaws were found in the way the RPM library parsed package\nheaders. An attacker could create a specially crafted RPM package\nthat, when queried or installed, would cause rpm to crash or,\npotentially, execute arbitrary code. (CVE-2011-3378)\n\nNote: Although an RPM package can, by design, execute arbitrary code\nwhen installed, this issue would allow a specially crafted RPM package\nto execute arbitrary code before its digital signature has been\nverified. 
Package downloads from the Red Hat Network remain secure due\nto certificate checks performed on the secure connection.\n\nAll RPM users should upgrade to these updated packages, which contain\na backported patch to correct these issues. All running applications\nlinked against the RPM library must be restarted for this update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-October/002385.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-October/002386.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-October/002387.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-cron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"popt-1.9.1-35_nonptl.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-4.3.3-35_nonptl.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-build-4.3.3-35_nonptl.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-devel-4.3.3-35_nonptl.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-libs-4.3.3-35_nonptl.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"rpm-python-4.3.3-35_nonptl.el4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"popt-1.10.2.3-22.0.1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-4.4.2.3-22.0.1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-apidocs-4.4.2.3-22.0.1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-build-4.4.2.3-22.0.1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-devel-4.4.2.3-22.0.1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-libs-4.4.2.3-22.0.1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"rpm-python-4.4.2.3-22.0.1.el5_7.2\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"rpm-4.8.0-16.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"rpm-apidocs-4.8.0-16.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"rpm-build-4.8.0-16.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"rpm-cron-4.8.0-16.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"rpm-devel-4.8.0-16.el6_1.1\")) flag++;\nif 
(rpm_check(release:\"EL6\", reference:\"rpm-libs-4.8.0-16.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"rpm-python-4.8.0-16.el6_1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-apidocs / rpm-build / rpm-cron / rpm-devel / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-13T14:37:55", "description": "The RPM Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nMultiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code. (CVE-2011-3378)\n\nNote: Although an RPM package can, by design, execute arbitrary code when installed, this issue would allow a specially crafted RPM package to execute arbitrary code before its digital signature has been verified.\n\nAll RPM users should upgrade to these updated packages, which contain a backported patch to correct these issues. 
All running applications linked against the RPM library must be restarted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : rpm on SL4.x, SL5.x, SL6.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20111003_RPM_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61147", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61147);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3378\");\n\n script_name(english:\"Scientific Linux Security Update : rpm on SL4.x, SL5.x, SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The RPM Package Manager (RPM) is a command line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nMultiple flaws were found in the way 
the RPM library parsed package\nheaders. An attacker could create a specially crafted RPM package\nthat, when queried or installed, would cause rpm to crash or,\npotentially, execute arbitrary code. (CVE-2011-3378)\n\nNote: Although an RPM package can, by design, execute arbitrary code\nwhen installed, this issue would allow a specially crafted RPM package\nto execute arbitrary code before its digital signature has been\nverified.\n\nAll RPM users should upgrade to these updated packages, which contain\na backported patch to correct these issues. All running applications\nlinked against the RPM library must be restarted for this update to\ntake effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1110&L=scientific-linux-errata&T=0&P=78\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1e860323\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"popt-1.9.1-35_nonptl.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"rpm-4.3.3-35_nonptl.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"rpm-build-4.3.3-35_nonptl.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"rpm-debuginfo-4.3.3-35_nonptl.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"rpm-devel-4.3.3-35_nonptl.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"rpm-libs-4.3.3-35_nonptl.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"rpm-python-4.3.3-35_nonptl.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"popt-1.10.2.3-22.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-4.4.2.3-22.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-apidocs-4.4.2.3-22.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-build-4.4.2.3-22.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-debuginfo-4.4.2.3-22.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", 
reference:\"rpm-devel-4.4.2.3-22.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-libs-4.4.2.3-22.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-python-4.4.2.3-22.el5_7.2\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"rpm-4.8.0-16.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-apidocs-4.8.0-16.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-build-4.8.0-16.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-cron-4.8.0-16.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-debuginfo-4.8.0-16.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-devel-4.8.0-16.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-libs-4.8.0-16.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"rpm-python-4.8.0-16.el6_1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-14T14:23:51", "description": "This update fixes some crashes which can occur when reading malformed package headers.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-10-12T00:00:00", "type": "nessus", "title": "Fedora 15 : rpm-4.9.1.2-1.fc15 (2011-13785)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rpm", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-13785.NASL", "href": "https://www.tenable.com/plugins/nessus/56457", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-13785.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56457);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-3378\");\n script_bugtraq_id(49799);\n script_xref(name:\"FEDORA\", value:\"2011-13785\");\n\n script_name(english:\"Fedora 15 : rpm-4.9.1.2-1.fc15 (2011-13785)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes some crashes which can occur when reading malformed\npackage headers.\n\nNote that 
Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=741606\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-October/067794.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?11089e25\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif 
(isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"rpm-4.9.1.2-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-14T14:23:39", "description": "Updated rpm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4, 5, and 6, and Red Hat Enterprise Linux 3 Extended Life Cycle Support, 5.3 Long Life, 5.6 Extended Update Support, and 6.0 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.\n\nMultiple flaws were found in the way the RPM library parsed package headers. 
An attacker could create a specially crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code. (CVE-2011-3378)\n\nNote: Although an RPM package can, by design, execute arbitrary code when installed, this issue would allow a specially crafted RPM package to execute arbitrary code before its digital signature has been verified. Package downloads from the Red Hat Network remain secure due to certificate checks performed on the secure connection.\n\nAll RPM users should upgrade to these updated packages, which contain a backported patch to correct these issues. All running applications linked against the RPM library must be restarted for this update to take effect.", "cvss3": {}, "published": "2011-10-04T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 / 6 : rpm (RHSA-2011:1349)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:popt", "p-cpe:/a:redhat:enterprise_linux:rpm", "p-cpe:/a:redhat:enterprise_linux:rpm-apidocs", "p-cpe:/a:redhat:enterprise_linux:rpm-build", "p-cpe:/a:redhat:enterprise_linux:rpm-cron", "p-cpe:/a:redhat:enterprise_linux:rpm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:rpm-devel", "p-cpe:/a:redhat:enterprise_linux:rpm-libs", "p-cpe:/a:redhat:enterprise_linux:rpm-python", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3", 
"cpe:/o:redhat:enterprise_linux:5.6", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0", "cpe:/o:redhat:enterprise_linux:6.1"], "id": "REDHAT-RHSA-2011-1349.NASL", "href": "https://www.tenable.com/plugins/nessus/56383", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1349. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56383);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3378\");\n script_bugtraq_id(49799);\n script_xref(name:\"RHSA\", value:\"2011:1349\");\n\n script_name(english:\"RHEL 4 / 5 / 6 : rpm (RHSA-2011:1349)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated rpm packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4, 5, and 6, and Red Hat\nEnterprise Linux 3 Extended Life Cycle Support, 5.3 Long Life, 5.6\nExtended Update Support, and 6.0 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe RPM Package Manager (RPM) is a command line driven package\nmanagement system capable of installing, uninstalling, verifying,\nquerying, and updating software packages.\n\nMultiple flaws were found in the way the RPM library parsed package\nheaders. 
An attacker could create a specially crafted RPM package\nthat, when queried or installed, would cause rpm to crash or,\npotentially, execute arbitrary code. (CVE-2011-3378)\n\nNote: Although an RPM package can, by design, execute arbitrary code\nwhen installed, this issue would allow a specially crafted RPM package\nto execute arbitrary code before its digital signature has been\nverified. Package downloads from the Red Hat Network remain secure due\nto certificate checks performed on the secure connection.\n\nAll RPM users should upgrade to these updated packages, which contain\na backported patch to correct these issues. All running applications\nlinked against the RPM library must be restarted for this update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3378\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:1349\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-apidocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-cron\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:rpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpm-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:1349\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{ sp = get_kb_item(\"Host/RedHat/minor_release\");\n if (isnull(sp)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\n\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"popt-1.9.1-35_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"rpm-4.3.3-35_nonptl.el4\")) 
flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"rpm-build-4.3.3-35_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"rpm-devel-4.3.3-35_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"rpm-libs-4.3.3-35_nonptl.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"rpm-python-4.3.3-35_nonptl.el4\")) flag++;\n\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", reference:\"popt-1.10.2.3-22.el5_6.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", reference:\"popt-1.10.2.3-22.el5_7.2\")) flag++; }\n\n if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"i386\", reference:\"popt-1.10.2.3-9.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"x86_64\", reference:\"popt-1.10.2.3-9.el5_3.2\")) flag++;\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i386\", reference:\"rpm-4.4.2.3-22.el5_6.2\")) flag++; }\nelse if (sp == \"3\") { if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"i386\", reference:\"rpm-4.4.2.3-9.el5_3.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"rpm-4.4.2.3-22.el5_7.2\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"s390x\", reference:\"rpm-4.4.2.3-22.el5_6.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"rpm-4.4.2.3-22.el5_7.2\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"rpm-4.4.2.3-22.el5_6.2\")) flag++; }\nelse if (sp == \"3\") { if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"x86_64\", reference:\"rpm-4.4.2.3-9.el5_3.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"rpm-4.4.2.3-22.el5_7.2\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i386\", reference:\"rpm-apidocs-4.4.2.3-22.el5_6.2\")) flag++; }\nelse if (sp == \"3\") { if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"i386\", 
reference:\"rpm-apidocs-4.4.2.3-9.el5_3.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"rpm-apidocs-4.4.2.3-22.el5_7.2\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"s390x\", reference:\"rpm-apidocs-4.4.2.3-22.el5_6.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"rpm-apidocs-4.4.2.3-22.el5_7.2\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"rpm-apidocs-4.4.2.3-22.el5_6.2\")) flag++; }\nelse if (sp == \"3\") { if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"x86_64\", reference:\"rpm-apidocs-4.4.2.3-9.el5_3.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"rpm-apidocs-4.4.2.3-22.el5_7.2\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i386\", reference:\"rpm-build-4.4.2.3-22.el5_6.2\")) flag++; }\nelse if (sp == \"3\") { if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"i386\", reference:\"rpm-build-4.4.2.3-9.el5_3.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"rpm-build-4.4.2.3-22.el5_7.2\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"s390x\", reference:\"rpm-build-4.4.2.3-22.el5_6.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"rpm-build-4.4.2.3-22.el5_7.2\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"rpm-build-4.4.2.3-22.el5_6.2\")) flag++; }\nelse if (sp == \"3\") { if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"x86_64\", reference:\"rpm-build-4.4.2.3-9.el5_3.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"rpm-build-4.4.2.3-22.el5_7.2\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", reference:\"rpm-devel-4.4.2.3-22.el5_6.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", 
reference:\"rpm-devel-4.4.2.3-22.el5_7.2\")) flag++; }\n\n if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"i386\", reference:\"rpm-devel-4.4.2.3-9.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"x86_64\", reference:\"rpm-devel-4.4.2.3-9.el5_3.2\")) flag++;\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", reference:\"rpm-libs-4.4.2.3-22.el5_6.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", reference:\"rpm-libs-4.4.2.3-22.el5_7.2\")) flag++; }\n\n if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"i386\", reference:\"rpm-libs-4.4.2.3-9.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"x86_64\", reference:\"rpm-libs-4.4.2.3-9.el5_3.2\")) flag++;\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i386\", reference:\"rpm-python-4.4.2.3-22.el5_6.2\")) flag++; }\nelse if (sp == \"3\") { if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"i386\", reference:\"rpm-python-4.4.2.3-9.el5_3.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"rpm-python-4.4.2.3-22.el5_7.2\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"s390x\", reference:\"rpm-python-4.4.2.3-22.el5_6.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"rpm-python-4.4.2.3-22.el5_7.2\")) flag++; }\n\nif (sp == \"6\") { if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"rpm-python-4.4.2.3-22.el5_6.2\")) flag++; }\nelse if (sp == \"3\") { if (rpm_check(release:\"RHEL5\", sp:\"3\", cpu:\"x86_64\", reference:\"rpm-python-4.4.2.3-9.el5_3.2\")) flag++; }\n else { if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"rpm-python-4.4.2.3-22.el5_7.2\")) flag++; }\n\n\nif (sp == \"0\") { if (rpm_check(release:\"RHEL6\", sp:\"0\", cpu:\"i686\", reference:\"rpm-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"rpm-4.8.0-16.el6_1.1\")) flag++; }\n\nif (sp == \"0\") { 
if (rpm_check(release:\"RHEL6\", sp:\"0\", cpu:\"s390x\", reference:\"rpm-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"rpm-4.8.0-16.el6_1.1\")) flag++; }\n\nif (sp == \"0\") { if (rpm_check(release:\"RHEL6\", sp:\"0\", cpu:\"x86_64\", reference:\"rpm-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rpm-4.8.0-16.el6_1.1\")) flag++; }\n\nif (sp == \"0\") { if (rpm_check(release:\"RHEL6\", sp:\"0\", reference:\"rpm-apidocs-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", reference:\"rpm-apidocs-4.8.0-16.el6_1.1\")) flag++; }\n\nif (sp == \"0\") { if (rpm_check(release:\"RHEL6\", sp:\"0\", cpu:\"i686\", reference:\"rpm-build-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"rpm-build-4.8.0-16.el6_1.1\")) flag++; }\n\nif (sp == \"0\") { if (rpm_check(release:\"RHEL6\", sp:\"0\", cpu:\"s390x\", reference:\"rpm-build-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"rpm-build-4.8.0-16.el6_1.1\")) flag++; }\n\nif (sp == \"0\") { if (rpm_check(release:\"RHEL6\", sp:\"0\", cpu:\"x86_64\", reference:\"rpm-build-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rpm-build-4.8.0-16.el6_1.1\")) flag++; }\n\nif (sp == \"0\") { if (rpm_check(release:\"RHEL6\", sp:\"0\", reference:\"rpm-cron-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", reference:\"rpm-cron-4.8.0-16.el6_1.1\")) flag++; }\n\nif (sp == \"0\") { if (rpm_check(release:\"RHEL6\", sp:\"0\", reference:\"rpm-debuginfo-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", reference:\"rpm-debuginfo-4.8.0-16.el6_1.1\")) flag++; }\n\nif (sp == \"0\") { if (rpm_check(release:\"RHEL6\", sp:\"0\", reference:\"rpm-devel-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", 
reference:\"rpm-devel-4.8.0-16.el6_1.1\")) flag++; }\n\nif (sp == \"0\") { if (rpm_check(release:\"RHEL6\", sp:\"0\", reference:\"rpm-libs-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", reference:\"rpm-libs-4.8.0-16.el6_1.1\")) flag++; }\n\nif (sp == \"0\") { if (rpm_check(release:\"RHEL6\", sp:\"0\", cpu:\"i686\", reference:\"rpm-python-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"rpm-python-4.8.0-16.el6_1.1\")) flag++; }\n\nif (sp == \"0\") { if (rpm_check(release:\"RHEL6\", sp:\"0\", cpu:\"s390x\", reference:\"rpm-python-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"rpm-python-4.8.0-16.el6_1.1\")) flag++; }\n\nif (sp == \"0\") { if (rpm_check(release:\"RHEL6\", sp:\"0\", cpu:\"x86_64\", reference:\"rpm-python-4.8.0-12.el6_0.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rpm-python-4.8.0-16.el6_1.1\")) flag++; }\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"popt / rpm / rpm-apidocs / rpm-build / rpm-cron / rpm-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T16:33:59", "description": "Specially crafted rpm packages can cause memory corruption in rpm when verifying signatures (CVE-2011-3378).", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : rpm (openSUSE-SU-2011:1203-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": 
"COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:rpm", "p-cpe:/a:novell:opensuse:rpm-32bit", "p-cpe:/a:novell:opensuse:rpm-debuginfo", "p-cpe:/a:novell:opensuse:rpm-debuginfo-32bit", "p-cpe:/a:novell:opensuse:rpm-debugsource", "p-cpe:/a:novell:opensuse:rpm-devel", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_RPM-111010.NASL", "href": "https://www.tenable.com/plugins/nessus/76010", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update rpm-5255.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76010);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-3378\");\n\n script_name(english:\"openSUSE Security Update : rpm (openSUSE-SU-2011:1203-1)\");\n script_summary(english:\"Check for the rpm-5255 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted rpm packages can cause memory corruption in rpm when\nverifying signatures (CVE-2011-3378).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=720824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-11/msg00001.html\"\n );\n script_set_attribute(attribute:\"solution\", 
value:\"Update the affected rpm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"rpm-4.8.0-28.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"rpm-debuginfo-4.8.0-28.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"rpm-debugsource-4.8.0-28.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"rpm-devel-4.8.0-28.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"rpm-32bit-4.8.0-28.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"rpm-debuginfo-32bit-4.8.0-28.29.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm / rpm-32bit / rpm-devel / rpm-debuginfo / rpm-debuginfo-32bit / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-14T14:23:51", "description": "This update 
fixes some crashes which can occur when reading malformed package headers.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "nessus", "title": "Fedora 16 : rpm-4.9.1.2-1.fc16 (2011-13766)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3378"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rpm", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2011-13766.NASL", "href": "https://www.tenable.com/plugins/nessus/56424", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-13766.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56424);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-3378\");\n script_bugtraq_id(49799);\n script_xref(name:\"FEDORA\", value:\"2011-13766\");\n\n script_name(english:\"Fedora 16 : rpm-4.9.1.2-1.fc16 (2011-13766)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is 
missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes some crashes which can occur when reading malformed\npackage headers.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=741606\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-October/067512.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cf761065\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected rpm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"rpm-4.9.1.2-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpm\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:23:06", "description": "It was discovered that RPM did not remove setuid and setgid bits set on binaries when upgrading packages. A local attacker able to create hard links to binaries could use this flaw to keep those binaries on the system, at a specific version level and with the setuid or setgid bit set, even if the package providing them was upgraded by a system administrator. 
This could have security implications if a package was upgraded because of a security flaw in a setuid or setgid program.\n(CVE-2010-2059)\n\nThis update also fixes the following bug :\n\n - A memory leak in the communication between RPM and the Security-Enhanced Linux (SELinux) subsystem, which could have caused extensive memory consumption. In reported cases, this issue was triggered by running rhn_check when errata were scheduled to be applied. (BZ#627630)", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : rpm on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2059"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20100907_RPM_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60852", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60852);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2059\");\n\n script_name(english:\"Scientific Linux Security Update : rpm on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more 
security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that RPM did not remove setuid and setgid bits set\non binaries when upgrading packages. A local attacker able to create\nhard links to binaries could use this flaw to keep those binaries on\nthe system, at a specific version level and with the setuid or setgid\nbit set, even if the package providing them was upgraded by a system\nadministrator. This could have security implications if a package was\nupgraded because of a security flaw in a setuid or setgid program.\n(CVE-2010-2059)\n\nThis update also fixes the following bug :\n\n - A memory leak in the communication between RPM and the\n Security-Enhanced Linux (SELinux) subsystem, which could\n have caused extensive memory consumption. In reported\n cases, this issue was triggered by running rhn_check\n when errata were scheduled to be applied. (BZ#627630)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=627630\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1009&L=scientific-linux-errata&T=0&P=327\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fd895c7d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"popt-1.10.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-apidocs-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-build-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-devel-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-libs-4.4.2.3-20.el5_5.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"rpm-python-4.4.2.3-20.el5_5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-05T14:38:17", "description": "This update fixes a security problem where RPM misses to clear the SUID/SGID bit of old files during package updates. 
(CVE-2010-2059)\n\nAlso the following bugs were fixed :\n\n - do not use glibc for passwd/group lookups when --root is used [bnc#536256]\n\n - disable cpio md5 checking for repackaged rpms [bnc#572280]", "cvss3": {}, "published": "2010-10-11T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : popt (ZYPP Patch Number 7069)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2059"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_POPT-7069.NASL", "href": "https://www.tenable.com/plugins/nessus/49917", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49917);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2059\");\n\n script_name(english:\"SuSE 10 Security Update : popt (ZYPP Patch Number 7069)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a security problem where RPM misses to clear the\nSUID/SGID bit of old files during package updates. 
(CVE-2010-2059)\n\nAlso the following bugs were fixed :\n\n - do not use glibc for passwd/group lookups when --root is\n used [bnc#536256]\n\n - disable cpio md5 checking for repackaged rpms\n [bnc#572280]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2059.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7069.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"popt-1.7-271.36.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, 
reference:\"popt-devel-1.7-271.36.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"rpm-4.4.2-43.36.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"rpm-devel-4.4.2-43.36.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"rpm-python-4.4.2-43.36.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"popt-32bit-1.7-271.36.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"popt-devel-32bit-1.7-271.36.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"popt-1.7-271.36.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"popt-devel-1.7-271.36.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"rpm-4.4.2-43.36.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"rpm-devel-4.4.2-43.36.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"rpm-python-4.4.2-43.36.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"popt-32bit-1.7-271.36.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"popt-devel-32bit-1.7-271.36.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:38:05", "description": "This update fixes a security problem where RPM misses to clear the SUID/SGID bit of old files during package updates. (CVE-2010-2059)\n\nAlso the following bugs were fixed :\n\n - make 'rpmconfigcheck status' exit with 4 [bnc#592269]\n\n - do not use glibc for passwd/group lookups when --root is used [bnc#536256]\n\n - disable cpio md5 checking for repackaged rpms [bnc#572280]\n\n - Add rpm-4.4.2.3-no-order-rescan-limit.patch from upstream. 
(bnc#552622)\n\n - backport lazy statfs patch [fate#302038]\n\n - findksyms.diff: backport changes from Factory for fate#305945.\n\n - fix v4 rsa signature verification code [bnc#615409]", "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "nessus", "title": "SuSE 11 / 11.1 Security Update : popt (SAT Patch Numbers 2647 / 2648)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2059"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:popt", "p-cpe:/a:novell:suse_linux:11:popt-32bit", "p-cpe:/a:novell:suse_linux:11:rpm", "p-cpe:/a:novell:suse_linux:11:rpm-32bit", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_POPT-100706.NASL", "href": "https://www.tenable.com/plugins/nessus/50957", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. 
The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50957);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2059\");\n\n script_name(english:\"SuSE 11 / 11.1 Security Update : popt (SAT Patch Numbers 2647 / 2648)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a security problem where RPM misses to clear the\nSUID/SGID bit of old files during package updates. (CVE-2010-2059)\n\nAlso the following bugs were fixed :\n\n - make 'rpmconfigcheck status' exit with 4 [bnc#592269]\n\n - do not use glibc for passwd/group lookups when --root is\n used [bnc#536256]\n\n - disable cpio md5 checking for repackaged rpms\n [bnc#572280]\n\n - Add rpm-4.4.2.3-no-order-rescan-limit.patch from\n upstream. 
(bnc#552622)\n\n - backport lazy statfs patch [fate#302038]\n\n - findksyms.diff: backport changes from Factory for\n fate#305945.\n\n - fix v4 rsa signature verification code [bnc#615409]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=536256\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552622\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=572280\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=592269\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=610941\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=615409\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2059.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 2647 / 2648 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:popt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:popt-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:rpm-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"popt-1.7-37.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"rpm-4.4.2.3-37.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"popt-1.7-37.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"popt-32bit-1.7-37.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"rpm-4.4.2.3-37.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"rpm-32bit-4.4.2.3-37.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"popt-1.7-37.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"rpm-4.4.2.3-37.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"popt-1.7-37.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"popt-32bit-1.7-37.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", 
sp:1, cpu:\"x86_64\", reference:\"rpm-4.4.2.3-37.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"rpm-32bit-4.4.2.3-37.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"popt-1.7-37.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"rpm-4.4.2.3-37.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"popt-32bit-1.7-37.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"rpm-32bit-4.4.2.3-37.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"popt-32bit-1.7-37.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"rpm-32bit-4.4.2.3-37.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"popt-1.7-37.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"rpm-4.4.2.3-37.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"popt-32bit-1.7-37.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"rpm-32bit-4.4.2.3-37.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"popt-32bit-1.7-37.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"rpm-32bit-4.4.2.3-37.18.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:35:00", "description": "This update fixes the problem where RPM misses to clear the SUID/SGID bit of old files during package updates. 
(CVE-2010-2059)\n\nAlso following bugfixes were merged from SLE11 :\n\n - make 'rpmconfigcheck status' exit with 4 [bnc#592269]\n\n - do not use glibc for passwd/group lookups when --root is used [bnc#536256]\n\n - disable cpio md5 checking for repackaged rpms [bnc#572280]\n\n - Add rpm-4.4.2.3-no-order-rescan-limit.patch from upstream (bnc#552622)\n\n - backport lazy statfs patch [fate#302038]\n\n - define disttag as optional tag with macro just like disturl \n\n - add popt-devel and rpm-devel to baselibs config (bnc#445037)\n\n - brp-symlink: whitelist kde4 doc path (bnc#457908) \n\n - find-supplements.ksyms: Module aliases may contain special characters that rpm does not allow in dependencies, such as commas. Encode those as %XX to avoid generating broken dependencies (bnc#456695).\n\n - find-debuginfo.sh: Don't convert to binary.", "cvss3": {}, "published": "2010-09-17T00:00:00", "type": "nessus", "title": "openSUSE Security Update : popt (openSUSE-SU-2010:0629-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2