Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.IBM_NETEZZA_ANALYTICS_SWG22012645.NASL
HistoryFeb 09, 2018 - 12:00 a.m.

IBM Netezza Analytics Open Source James Clark Expat Multiple Vulnerabilities (swg22012645)

2018-02-0900:00:00
This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22
JSON

The version of IBM Netezza Analytics installed on the remote Linux host is 1.2.1 - 3.2.1. It is, therefore, affected by multiple vulnerabilities in the Open Source James Clark Expat component.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(106714);
  script_version("1.5");
  script_cvs_date("Date: 2019/11/08");

  script_cve_id("CVE-2013-0340", "CVE-2013-0341");
  script_bugtraq_id(58233);

  script_name(english:"IBM Netezza Analytics Open Source James Clark Expat Multiple Vulnerabilities (swg22012645)");
  script_summary(english:"Checks the IBM Netezza Analytics version.");

  script_set_attribute(attribute:"synopsis", value:
"An enterprise data warehousing component installed on the remote
Linux host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of IBM Netezza Analytics installed on the remote Linux
host is 1.2.1 - 3.2.1. It is, therefore, affected by multiple
vulnerabilities in the Open Source James Clark Expat component.");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg22012645");
  script_set_attribute(attribute:"solution", value:
"Upgrade to IBM Netezza Analytics version 3.2.2 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-0340");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/01/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/01/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/02/09");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:ibm:netezza");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"General");

  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ibm_netezza_platform_software_installed.nbin");
  script_require_keys("installed_sw/IBM Netezza Platform Software");

  exit(0);
}

include("global_settings.inc");
include("misc_func.inc");
include("audit.inc");
include("install_func.inc");

app_name = "IBM Netezza Platform Software";

install = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);

app_name = "IBM Netezza Analytics";
inza_ver = install["Netezza Analytics version"];

if (inza_ver == UNKNOWN_VER)
  audit(AUDIT_NOT_INST, app_name);

min = "1.2.1";
fix = "3.2.2";

if (ver_compare(ver:inza_ver, fix:min, strict:FALSE) < 0)
  audit(AUDIT_INST_VER_NOT_VULN, app_name, inza_ver);

if (ver_compare(ver:inza_ver, fix:fix, strict:FALSE) < 0)
{
  report +=
    '\n  Installed version : ' + inza_ver +
    '\n  Fixed version     : ' + fix +
    '\n';
  security_report_v4(port:0, extra:report, severity:SECURITY_WARNING);
}
else audit(AUDIT_INST_VER_NOT_VULN, "IBM Netezza Analytics", inza_ver);
VendorProductVersionCPE
ibmnetezzacpe:/h:ibm:netezza

Related

ibm 11
cve 3
prion 3
veracode 1
nessus 13
slackware 1
debiancve 1
freebsd 4
cbl_mariner 1
ubuntucve 1
mageia 1
gentoo 1
apple 6
androidsecurity 1
ics 1
avleonov 1
ibm
ibm
Security Bulletin:Vulnerabilities in Open Source James Clark Expat affect IBM Netezza Analytics
2019-10-18 03:10:29
Security Bulletin: IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise edition are affected by James Clark Expat Vulnerabilities
2018-06-17 22:33:38
Security Bulletin: IBM Prospect is affected by Expat XML Parser vulnerability (CVE-2013-0340)
2018-06-17 15:49:59
cve
cve
CVE-2013-0341
2013-09-26 14:16:00
CVE-2013-0340
2014-01-21 18:55:00
CVE-2021-40439
2021-10-07 16:15:00
prion
prion
Design/Logic Flaw
2013-09-26 14:16:00
Xxe
2014-01-21 18:55:00
Code injection
2021-10-07 16:15:00
veracode
veracode
XML External Entities (XXE)
2019-06-12 07:55:17
nessus
nessus
Slackware 14.0 / 14.1 / 14.2 / current : expat (SSA:2021-143-01)
2021-05-24 00:00:00
FreeBSD : Python -- multiple vulnerabilities (032643d7-0ba7-11ec-a689-080027e50e6d)
2021-09-07 00:00:00
FreeBSD : texproc/expat2 -- billion laugh attack (5fa90ee6-bc9e-11eb-a287-e0d55e2a8bf9)
2021-05-25 00:00:00
slackware
slackware
[slackware-security] expat
2021-05-23 19:55:46
debiancve
debiancve
CVE-2013-0340
2014-01-21 18:55:00
freebsd
freebsd
texproc/expat2 -- billion laugh attack
2013-02-21 00:00:00
Python -- multiple vulnerabilities
2021-08-30 00:00:00
Python -- multiple vulnerabilities
2021-08-30 00:00:00
cbl_mariner
cbl_mariner
CVE-2013-0340 affecting package expat 2.2.6-4
2022-01-10 03:59:19
ubuntucve
ubuntucve
CVE-2013-0340
2014-01-21 00:00:00
mageia
mageia
Updated python3 packages fix security vulnerability
2021-09-23 07:49:29
gentoo
gentoo
Expat: Multiple vulnerabilities
2017-01-11 00:00:00
apple
apple
About the security content of Security Update 2021-005 Catalina
2021-09-13 00:00:00
About the security content of iOS 14.8 and iPadOS 14.8
2021-09-13 00:00:00
About the security content of tvOS 15
2021-09-20 00:00:00
androidsecurity
androidsecurity
Android 13 Security Release Notes
2022-07-25 00:00:00
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
avleonov
avleonov
Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs
2022-12-30 18:03:13
JSON
Related for IBM_NETEZZA_ANALYTICS_SWG22012645.NASL
ibm11cve3prion3veracode1nessus13slackware1debiancve1freebsd4cbl_mariner1ubuntucve1mageia1gentoo1apple6androidsecurity1ics1avleonov1