Mac OS X 10.6.x < 10.6.4 Multiple Vulnerabilities

2010-06-15T00:00:00

Description

The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.4. Mac OS X 10.6.4 contains security fixes for the following components : - CUPS - DesktopServices - Flash Player plug-in - Folder Manager - Help Viewer - iChat - ImageIO - Kerberos - Kernel - libcurl - Network Authorization - Open Directory - Printer Setup - Printing - Ruby - SMB File Server - SquirrelMail - Wiki Server

{"id": "MACOSX_10_6_4.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "Mac OS X 10.6.x < 10.6.4 Multiple Vulnerabilities", "description": "The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.4.\n\nMac OS X 10.6.4 contains security fixes for the following components :\n\n - CUPS\n - DesktopServices\n - Flash Player plug-in\n - Folder Manager\n - Help Viewer\n - iChat\n - ImageIO\n - Kerberos\n - Kernel\n - libcurl\n - Network Authorization\n - Open Directory\n - Printer Setup\n - Printing\n - Ruby\n - SMB File Server\n - SquirrelMail\n - Wiki Server", "published": "2010-06-15T00:00:00", "modified": "2018-07-14T00:00:00", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/47023", "reporter": "This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1578", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0546", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1821", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1382", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1816", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0187", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1381", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0302", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1377", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0545", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1748", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1579", "http://support.apple.com/kb/HT4188", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1379", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0734", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1581", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2964", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0540", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0283", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1320", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1373", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1380", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1376", "http://lists.apple.com/archives/security-announce/2010/Jun/msg00001.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1580", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1374", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0541", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411"], "cvelist": ["CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-2964", "CVE-2009-4212", "CVE-2010-0186", "CVE-2010-0187", "CVE-2010-0283", "CVE-2010-0302", "CVE-2010-0540", "CVE-2010-0541", "CVE-2010-0545", "CVE-2010-0546", "CVE-2010-0734", "CVE-2010-1320", "CVE-2010-1373", "CVE-2010-1374", "CVE-2010-1376", "CVE-2010-1377", "CVE-2010-1379", "CVE-2010-1380", "CVE-2010-1381", "CVE-2010-1382", "CVE-2010-1411", "CVE-2010-1748", "CVE-2010-1816", "CVE-2010-1821"], "immutableFields": [], "lastseen": "2021-08-19T13:04:03", "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2009:0057", "CESA-2009:1066", "CESA-2009:1490", "CESA-2010:0029", "CESA-2010:0129", "CESA-2010:0329", "CESA-2010:0490", "CESA-2010:0519", "CESA-2010:0520", "CESA-2011:0908", "CESA-2011:0909"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2010-039", "CPAI-2010-428", "CPAI-2011-262"]}, {"type": "cve", "idList": ["CVE-2009-1381", "CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-2964", "CVE-2009-4212", "CVE-2010-0186", "CVE-2010-0187", "CVE-2010-0283", "CVE-2010-0302", "CVE-2010-0540", "CVE-2010-0541", "CVE-2010-0545", "CVE-2010-0546", "CVE-2010-0734", "CVE-2010-1320", "CVE-2010-1373", "CVE-2010-1374", "CVE-2010-1376", "CVE-2010-1377", "CVE-2010-1379", "CVE-2010-1380", "CVE-2010-1381", "CVE-2010-1382", "CVE-2010-1411", "CVE-2010-1748", "CVE-2010-1816", "CVE-2010-1821"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1802-1:4EDD5", "DEBIAN:DSA-1802-2:AA371", "DEBIAN:DSA-1969-1:2A44E", "DEBIAN:DSA-2023-1:78B2A", "DEBIAN:DSA-2084-1:DA190", "DEBIAN:DSA-2091-1:23614", "DEBIAN:DSA-2176-1:CBD37"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-4212", "DEBIANCVE:CVE-2010-0283", "DEBIANCVE:CVE-2010-0302", "DEBIANCVE:CVE-2010-0540", "DEBIANCVE:CVE-2010-0734", "DEBIANCVE:CVE-2010-1320", "DEBIANCVE:CVE-2010-1411", "DEBIANCVE:CVE-2010-1748"]}, {"type": "fedora", "idList": ["FEDORA:0038310FBFB", "FEDORA:043B610F8DC", "FEDORA:0BB68111E6C", "FEDORA:14434110EDB", "FEDORA:1447210FB80", "FEDORA:1670B110D90", "FEDORA:1880D110DF3", "FEDORA:23C8D110D22", "FEDORA:2AD2910FBE3", "FEDORA:347041678F8", "FEDORA:431E7111A04", "FEDORA:51EBD10FCB6", "FEDORA:5F33D111308", "FEDORA:64EA710FC2C", "FEDORA:76BED10FB1E", "FEDORA:7920210F854", "FEDORA:7A6DB110620", "FEDORA:830F610F87D", "FEDORA:872FE10F9DC", "FEDORA:90162110B62", "FEDORA:919C011128A", "FEDORA:9407B10F8B4", "FEDORA:941A010F80E", "FEDORA:95C11110632", "FEDORA:95D5B111EB3", "FEDORA:97486110BD9", "FEDORA:9AB651114B4", "FEDORA:B5227110183", "FEDORA:B76E428653", "FEDORA:BC8C7110E6E", "FEDORA:C172110FA46", "FEDORA:C8A5910F87D", "FEDORA:DA6AE10F8DD", "FEDORA:E756210FACD"]}, {"type": "freebsd", "idList": ["313DA7DC-763B-11DF-BCCE-0018F3E2EB82", "34E0316A-AA91-11DF-8C2E-001517289BF8", "86B8B655-4D1A-11DF-83FB-0015587E2CC1", "9AC0F9C4-492B-11DF-83FB-0015587E2CC1", "C8C31C41-49ED-11DF-83FB-0015587E2CC1", "FF6519AD-18E5-11DF-9BDD-001B2134EF46"]}, {"type": "gentoo", "idList": ["GLSA-201001-08", "GLSA-201009-05", "GLSA-201101-09", "GLSA-201201-13", "GLSA-201203-02", "GLSA-201207-10", "GLSA-201209-02"]}, {"type": "jvn", "idList": ["JVN:30881447"]}, {"type": "nessus", "idList": ["5037.PRM", "5147.PRM", "5338.PRM", "5571.PRM", "5573.PRM", "5574.PRM", "800793.PRM", "ADOBE_ACROBAT_APSB10-07.NASL", "ADOBE_AIR_APSB10-06.NASL", "ADOBE_READER_APSB10-07.NASL", "CENTOS_RHSA-2009-0057.NASL", "CENTOS_RHSA-2009-1066.NASL", "CENTOS_RHSA-2009-1490.NASL", "CENTOS_RHSA-2009-1595.NASL", "CENTOS_RHSA-2010-0029.NASL", "CENTOS_RHSA-2010-0129.NASL", "CENTOS_RHSA-2010-0329.NASL", "CENTOS_RHSA-2010-0490.NASL", "CENTOS_RHSA-2010-0519.NASL", "CENTOS_RHSA-2010-0520.NASL", "CENTOS_RHSA-2011-0908.NASL", "CENTOS_RHSA-2011-0909.NASL", "CUPS_1_4_4.NASL", "CUPS_MEMORY_ACCESS.NASL", "DEBIAN_DSA-1802.NASL", "DEBIAN_DSA-1969.NASL", "DEBIAN_DSA-2023.NASL", "DEBIAN_DSA-2084.NASL", "DEBIAN_DSA-2091.NASL", "DEBIAN_DSA-2176.NASL", "FEDORA_2009-4870.NASL", "FEDORA_2009-4875.NASL", "FEDORA_2009-4880.NASL", "FEDORA_2009-5350.NASL", "FEDORA_2009-5471.NASL", "FEDORA_2009-8797.NASL", "FEDORA_2009-8822.NASL", "FEDORA_2010-0503.NASL", "FEDORA_2010-0515.NASL", "FEDORA_2010-10066.NASL", "FEDORA_2010-10101.NASL", "FEDORA_2010-10333.NASL", "FEDORA_2010-10334.NASL", "FEDORA_2010-10359.NASL", "FEDORA_2010-10388.NASL", "FEDORA_2010-10460.NASL", "FEDORA_2010-10469.NASL", "FEDORA_2010-13341.NASL", "FEDORA_2010-13387.NASL", "FEDORA_2010-13401.NASL", "FEDORA_2010-1722.NASL", "FEDORA_2010-2720.NASL", "FEDORA_2010-2743.NASL", "FEDORA_2010-2762.NASL", "FEDORA_2010-3693.NASL", "FEDORA_2010-3761.NASL", "FEDORA_2010-7102.NASL", "FEDORA_2010-7130.NASL", "FLASH_PLAYER_APSB10_06.NASL", "FREEBSD_PKG_313DA7DC763B11DFBCCE0018F3E2EB82.NASL", "FREEBSD_PKG_34E0316AAA9111DF8C2E001517289BF8.NASL", "FREEBSD_PKG_86B8B6554D1A11DF83FB0015587E2CC1.NASL", "FREEBSD_PKG_9AC0F9C4492B11DF83FB0015587E2CC1.NASL", "FREEBSD_PKG_C8C31C4149ED11DF83FB0015587E2CC1.NASL", "FREEBSD_PKG_FF6519AD18E511DF9BDD001B2134EF46.NASL", "GENTOO_GLSA-201001-08.NASL", "GENTOO_GLSA-201009-05.NASL", "GENTOO_GLSA-201101-09.NASL", "GENTOO_GLSA-201201-13.NASL", "GENTOO_GLSA-201203-02.NASL", "GENTOO_GLSA-201207-10.NASL", "GENTOO_GLSA-201209-02.NASL", "HPSMH_7_0_0_24.NASL", "ITUNES_9_2.NASL", "ITUNES_9_2_BANNER.NASL", "MACOSX_SECUPD2010-004.NASL", "MANDRIVA_MDVSA-2010-006.NASL", "MANDRIVA_MDVSA-2010-062.NASL", "MANDRIVA_MDVSA-2010-073.NASL", "MANDRIVA_MDVSA-2010-145.NASL", "MANDRIVA_MDVSA-2010-146.NASL", "MANDRIVA_MDVSA-2010-232.NASL", "MANDRIVA_MDVSA-2010-233.NASL", "MANDRIVA_MDVSA-2011-097.NASL", "ORACLELINUX_ELSA-2009-0057.NASL", "ORACLELINUX_ELSA-2009-1066.NASL", "ORACLELINUX_ELSA-2009-1490.NASL", "ORACLELINUX_ELSA-2009-1595.NASL", "ORACLELINUX_ELSA-2010-0029.NASL", "ORACLELINUX_ELSA-2010-0129.NASL", "ORACLELINUX_ELSA-2010-0329.NASL", "ORACLELINUX_ELSA-2010-0490.NASL", "ORACLELINUX_ELSA-2010-0519.NASL", "ORACLELINUX_ELSA-2010-0520.NASL", "ORACLELINUX_ELSA-2011-0908.NASL", "ORACLELINUX_ELSA-2011-0909.NASL", "ORACLEVM_OVMSA-2011-0015.NASL", "REDHAT-RHSA-2009-0057.NASL", "REDHAT-RHSA-2009-1066.NASL", "REDHAT-RHSA-2009-1490.NASL", "REDHAT-RHSA-2009-1595.NASL", "REDHAT-RHSA-2010-0029.NASL", "REDHAT-RHSA-2010-0102.NASL", "REDHAT-RHSA-2010-0103.NASL", "REDHAT-RHSA-2010-0114.NASL", "REDHAT-RHSA-2010-0129.NASL", "REDHAT-RHSA-2010-0273.NASL", "REDHAT-RHSA-2010-0329.NASL", "REDHAT-RHSA-2010-0490.NASL", "REDHAT-RHSA-2010-0519.NASL", "REDHAT-RHSA-2010-0520.NASL", "REDHAT-RHSA-2011-0908.NASL", "REDHAT-RHSA-2011-0909.NASL", "SLACKWARE_SSA_2010-176-05.NASL", "SLACKWARE_SSA_2010-180-02.NASL", "SL_20090526_SQUIRRELMAIL_ON_SL3_X.NASL", "SL_20091008_SQUIRRELMAIL_ON_SL3_X.NASL", "SL_20100112_KRB5_ON_SL3_X.NASL", "SL_20100303_CUPS_ON_SL5_X.NASL", "SL_20100330_CURL_ON_SL3_X.NASL", "SL_20100330_CURL_ON_SL4_X.NASL", "SL_20100330_CURL_ON_SL5_X.NASL", "SL_20100617_CUPS_ON_SL3_X.NASL", "SL_20100708_LIBTIFF_ON_SL3_X.NASL", "SL_20110628_RUBY_ON_SL4_X.NASL", "SL_20110628_RUBY_ON_SL5_X.NASL", "SQUIRRELMAIL_1418.NASL", "SQUIRRELMAIL_MAP_YP_ALIAS_CODE_EXEC.NASL", "SUSE9_12618.NASL", "SUSE9_12665.NASL", "SUSE_11_0_ACROREAD-100225.NASL", "SUSE_11_0_CUPS-100210.NASL", "SUSE_11_0_FLASH-PLAYER-100214.NASL", "SUSE_11_0_KRB5-100113.NASL", "SUSE_11_0_LIBTIFF-DEVEL-100525.NASL", "SUSE_11_1_ACROREAD-100225.NASL", "SUSE_11_1_CUPS-100210.NASL", "SUSE_11_1_CUPS-101124.NASL", "SUSE_11_1_FLASH-PLAYER-100214.NASL", "SUSE_11_1_KRB5-100113.NASL", "SUSE_11_1_LIBTIFF-DEVEL-100524.NASL", "SUSE_11_2_ACROREAD-100225.NASL", "SUSE_11_2_CUPS-100305.NASL", "SUSE_11_2_CUPS-101124.NASL", "SUSE_11_2_FLASH-PLAYER-100214.NASL", "SUSE_11_2_KRB5-100113.NASL", "SUSE_11_2_KRB5-100217.NASL", "SUSE_11_2_KRB5-100421.NASL", "SUSE_11_2_LIBTIFF-DEVEL-100525.NASL", "SUSE_11_3_CUPS-101124.NASL", "SUSE_11_3_RUBY-110517.NASL", "SUSE_11_ACROREAD-100225.NASL", "SUSE_11_CUPS-100210.NASL", "SUSE_11_CUPS-101119.NASL", "SUSE_11_CUPS-110921.NASL", "SUSE_11_FLASH-PLAYER-100214.NASL", "SUSE_11_KRB5-100113.NASL", "SUSE_11_RUBY-110517.NASL", "SUSE_ACROREAD-6879.NASL", "SUSE_ACROREAD-6881.NASL", "SUSE_CUPS-7244.NASL", "SUSE_CUPS-7774.NASL", "SUSE_CUPS-7775.NASL", "SUSE_FLASH-PLAYER-6844.NASL", "SUSE_FLASH-PLAYER-6845.NASL", "SUSE_KRB5-6775.NASL", "SUSE_KRB5-6776.NASL", "SUSE_LIBTIFF-7052.NASL", "SUSE_SQUIRRELMAIL-6242.NASL", "UBUNTU_USN-1158-1.NASL", "UBUNTU_USN-1377-1.NASL", "UBUNTU_USN-881-1.NASL", "UBUNTU_USN-906-1.NASL", "UBUNTU_USN-916-1.NASL", "UBUNTU_USN-940-1.NASL", "UBUNTU_USN-940-2.NASL", "UBUNTU_USN-952-1.NASL", "UBUNTU_USN-954-1.NASL", "VMWARE_VMSA-2010-0009.NASL", "VMWARE_VMSA-2010-0009_REMOTE.NASL", "VMWARE_VMSA-2010-0015.NASL", "VMWARE_VMSA-2010-0015_REMOTE.NASL", "VMWARE_VMSA-2010-0016.NASL", "VMWARE_VMSA-2011-0003.NASL", "VMWARE_VMSA-2011-0003_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:103449", "OPENVAS:103454", "OPENVAS:103468", "OPENVAS:1361412562310100203", "OPENVAS:1361412562310100687", "OPENVAS:1361412562310103449", "OPENVAS:1361412562310103454", "OPENVAS:1361412562310103468", "OPENVAS:1361412562310122141", "OPENVAS:1361412562310122347", "OPENVAS:1361412562310122351", "OPENVAS:1361412562310122376", "OPENVAS:1361412562310122388", "OPENVAS:1361412562310122402", "OPENVAS:1361412562310122428", "OPENVAS:1361412562310122481", "OPENVAS:1361412562310122526", "OPENVAS:136141256231063984", "OPENVAS:136141256231063985", "OPENVAS:136141256231063986", "OPENVAS:136141256231063987", "OPENVAS:136141256231064026", "OPENVAS:136141256231064033", "OPENVAS:136141256231064037", "OPENVAS:136141256231064063", "OPENVAS:136141256231064085", "OPENVAS:136141256231064086", "OPENVAS:136141256231064123", "OPENVAS:136141256231064694", "OPENVAS:136141256231064714", "OPENVAS:136141256231064722", "OPENVAS:136141256231065731", "OPENVAS:136141256231065756", "OPENVAS:136141256231066741", "OPENVAS:136141256231066848", "OPENVAS:136141256231067208", "OPENVAS:136141256231067287", "OPENVAS:136141256231067291", "OPENVAS:136141256231067357", "OPENVAS:136141256231067657", "OPENVAS:136141256231067839", "OPENVAS:136141256231067845", "OPENVAS:136141256231067860", "OPENVAS:136141256231068164", "OPENVAS:136141256231068166", "OPENVAS:136141256231069029", "OPENVAS:136141256231069045", "OPENVAS:136141256231069111", "OPENVAS:136141256231070814", "OPENVAS:136141256231071186", "OPENVAS:136141256231071590", "OPENVAS:136141256231072419", "OPENVAS:1361412562310800433", "OPENVAS:1361412562310800475", "OPENVAS:1361412562310800476", "OPENVAS:1361412562310800487", "OPENVAS:1361412562310801664", "OPENVAS:1361412562310804267", "OPENVAS:1361412562310810929", "OPENVAS:1361412562310810930", "OPENVAS:1361412562310830809", "OPENVAS:1361412562310830877", "OPENVAS:1361412562310830888", "OPENVAS:1361412562310830891", "OPENVAS:1361412562310830955", "OPENVAS:1361412562310830973", "OPENVAS:1361412562310830978", "OPENVAS:1361412562310831121", "OPENVAS:1361412562310831122", "OPENVAS:1361412562310831252", "OPENVAS:1361412562310831255", "OPENVAS:1361412562310831408", "OPENVAS:1361412562310840368", "OPENVAS:1361412562310840396", "OPENVAS:1361412562310840405", "OPENVAS:1361412562310840433", "OPENVAS:1361412562310840446", "OPENVAS:1361412562310840447", "OPENVAS:1361412562310840462", "OPENVAS:1361412562310840685", "OPENVAS:1361412562310840923", "OPENVAS:1361412562310850122", "OPENVAS:1361412562310861626", "OPENVAS:1361412562310861639", "OPENVAS:1361412562310861736", "OPENVAS:1361412562310861773", "OPENVAS:1361412562310861774", "OPENVAS:1361412562310861776", "OPENVAS:1361412562310861778", "OPENVAS:1361412562310861807", "OPENVAS:1361412562310861865", "OPENVAS:1361412562310861921", "OPENVAS:1361412562310861973", "OPENVAS:1361412562310861974", "OPENVAS:1361412562310862162", "OPENVAS:1361412562310862205", "OPENVAS:1361412562310862208", "OPENVAS:1361412562310862216", "OPENVAS:1361412562310862220", "OPENVAS:1361412562310862222", "OPENVAS:1361412562310862228", "OPENVAS:1361412562310862286", "OPENVAS:1361412562310862341", "OPENVAS:1361412562310862353", "OPENVAS:1361412562310862562", "OPENVAS:1361412562310862570", "OPENVAS:1361412562310862690", "OPENVAS:1361412562310862876", "OPENVAS:1361412562310862987", "OPENVAS:1361412562310863074", "OPENVAS:1361412562310870207", "OPENVAS:1361412562310870224", "OPENVAS:1361412562310870249", "OPENVAS:1361412562310870252", "OPENVAS:1361412562310870279", "OPENVAS:1361412562310870286", "OPENVAS:1361412562310870287", "OPENVAS:1361412562310870449", "OPENVAS:1361412562310870450", "OPENVAS:1361412562310880344", "OPENVAS:1361412562310880350", "OPENVAS:1361412562310880353", "OPENVAS:1361412562310880356", "OPENVAS:1361412562310880390", "OPENVAS:1361412562310880391", "OPENVAS:1361412562310880407", "OPENVAS:1361412562310880411", "OPENVAS:1361412562310880549", "OPENVAS:1361412562310880571", "OPENVAS:1361412562310880583", "OPENVAS:1361412562310880585", "OPENVAS:1361412562310880660", "OPENVAS:1361412562310880729", "OPENVAS:1361412562310880771", "OPENVAS:1361412562310880772", "OPENVAS:1361412562310880918", "OPENVAS:1361412562310880953", "OPENVAS:1361412562310881272", "OPENVAS:1361412562310881337", "OPENVAS:1361412562310900830", "OPENVAS:1361412562310902128", "OPENVAS:1361412562310902129", "OPENVAS:63984", "OPENVAS:63985", "OPENVAS:63986", "OPENVAS:63987", "OPENVAS:64026", "OPENVAS:64033", "OPENVAS:64037", "OPENVAS:64063", "OPENVAS:64085", "OPENVAS:64086", "OPENVAS:64123", "OPENVAS:64175", "OPENVAS:64694", "OPENVAS:64714", "OPENVAS:64722", "OPENVAS:65731", "OPENVAS:65756", "OPENVAS:66741", "OPENVAS:66848", "OPENVAS:67208", "OPENVAS:67287", "OPENVAS:67291", "OPENVAS:67357", "OPENVAS:67657", "OPENVAS:67839", "OPENVAS:67845", "OPENVAS:67860", "OPENVAS:68164", "OPENVAS:68166", "OPENVAS:69029", "OPENVAS:69045", "OPENVAS:69111", "OPENVAS:70814", "OPENVAS:71186", "OPENVAS:71590", "OPENVAS:72419", "OPENVAS:800475", "OPENVAS:800476", "OPENVAS:830809", "OPENVAS:830877", "OPENVAS:830888", "OPENVAS:830891", "OPENVAS:830955", "OPENVAS:830973", "OPENVAS:830978", "OPENVAS:831121", "OPENVAS:831122", "OPENVAS:831252", "OPENVAS:831255", "OPENVAS:831408", "OPENVAS:840368", "OPENVAS:840396", "OPENVAS:840405", "OPENVAS:840433", "OPENVAS:840446", "OPENVAS:840447", "OPENVAS:840462", "OPENVAS:840685", "OPENVAS:840923", "OPENVAS:850122", "OPENVAS:861626", "OPENVAS:861639", "OPENVAS:861736", "OPENVAS:861773", "OPENVAS:861774", "OPENVAS:861776", "OPENVAS:861778", "OPENVAS:861807", "OPENVAS:861865", "OPENVAS:861921", "OPENVAS:861973", "OPENVAS:861974", "OPENVAS:862162", "OPENVAS:862205", "OPENVAS:862208", "OPENVAS:862216", "OPENVAS:862220", "OPENVAS:862222", "OPENVAS:862228", "OPENVAS:862286", "OPENVAS:862341", "OPENVAS:862353", "OPENVAS:862562", "OPENVAS:862570", "OPENVAS:862690", "OPENVAS:862876", "OPENVAS:862987", "OPENVAS:863074", "OPENVAS:870207", "OPENVAS:870224", "OPENVAS:870249", "OPENVAS:870252", "OPENVAS:870279", "OPENVAS:870286", "OPENVAS:870287", "OPENVAS:870449", "OPENVAS:870450", "OPENVAS:880344", "OPENVAS:880350", "OPENVAS:880353", "OPENVAS:880356", "OPENVAS:880390", "OPENVAS:880391", "OPENVAS:880407", "OPENVAS:880411", "OPENVAS:880549", "OPENVAS:880571", "OPENVAS:880583", "OPENVAS:880585", "OPENVAS:880660", "OPENVAS:880729", "OPENVAS:880771", "OPENVAS:880772", "OPENVAS:880918", "OPENVAS:880953", "OPENVAS:881272", "OPENVAS:881337"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-0057", "ELSA-2009-1066", "ELSA-2009-1490", "ELSA-2010-0029", "ELSA-2010-0129", "ELSA-2010-0273", "ELSA-2010-0329", "ELSA-2010-0490", "ELSA-2010-0519", "ELSA-2010-0520", "ELSA-2011-0908", "ELSA-2011-0909"]}, {"type": "osv", "idList": ["OSV:DSA-1802-1", "OSV:DSA-1802-2", "OSV:DSA-1969-1", "OSV:DSA-2023-1", "OSV:DSA-2084-1", "OSV:DSA-2091-1", "OSV:DSA-2176-1"]}, {"type": "redhat", "idList": ["RHSA-2009:0057", "RHSA-2009:1066", "RHSA-2009:1490", "RHSA-2010:0029", "RHSA-2010:0095", "RHSA-2010:0102", "RHSA-2010:0103", "RHSA-2010:0114", "RHSA-2010:0129", "RHSA-2010:0273", "RHSA-2010:0329", "RHSA-2010:0490", "RHSA-2010:0519", "RHSA-2010:0520", "RHSA-2011:0908", "RHSA-2011:0909"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2010-0541-65556"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21822", "SECURITYVULNS:DOC:22395", "SECURITYVULNS:DOC:23044", "SECURITYVULNS:DOC:23249", "SECURITYVULNS:DOC:23438", "SECURITYVULNS:DOC:23690", "SECURITYVULNS:DOC:24113", "SECURITYVULNS:DOC:24526", "SECURITYVULNS:DOC:26399", "SECURITYVULNS:DOC:26586", "SECURITYVULNS:VULN:10192", "SECURITYVULNS:VULN:10517", "SECURITYVULNS:VULN:10628", "SECURITYVULNS:VULN:10709", "SECURITYVULNS:VULN:10787", "SECURITYVULNS:VULN:10950", "SECURITYVULNS:VULN:11070", "SECURITYVULNS:VULN:11686", "SECURITYVULNS:VULN:9904"]}, {"type": "seebug", "idList": ["SSV:12149", "SSV:19826"]}, {"type": "slackware", "idList": ["SSA-2010-176-05", "SSA-2010-180-02"]}, {"type": "suse", "idList": ["SUSE-SA:2010:006"]}, {"type": "threatpost", "idList": ["THREATPOST:6CB2F078F2F28D2E3B374AC41E31FF3B", "THREATPOST:E11864189C14E8A77A62BA875C735AA4"]}, {"type": "ubuntu", "idList": ["USN-1158-1", "USN-1377-1", "USN-881-1", "USN-906-1", "USN-916-1", "USN-940-1", "USN-940-2", "USN-952-1", "USN-954-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1381", "UB:CVE-2009-1578", "UB:CVE-2009-1579", "UB:CVE-2009-1580", "UB:CVE-2009-1581", "UB:CVE-2009-2964", "UB:CVE-2009-4212", "UB:CVE-2010-0186", "UB:CVE-2010-0187", "UB:CVE-2010-0283", "UB:CVE-2010-0302", "UB:CVE-2010-0540", "UB:CVE-2010-0541", "UB:CVE-2010-0734", "UB:CVE-2010-1320", "UB:CVE-2010-1411", "UB:CVE-2010-1748"]}, {"type": "veracode", "idList": ["VERACODE:23881", "VERACODE:23882", "VERACODE:23883", "VERACODE:23891", "VERACODE:23984", "VERACODE:24038", "VERACODE:24040", "VERACODE:24126", "VERACODE:24146", "VERACODE:24219", "VERACODE:24602"]}, {"type": "vmware", "idList": ["VMSA-2010-0009", "VMSA-2010-0009.2", "VMSA-2010-0015", "VMSA-2010-0015.1", "VMSA-2010-0016", "VMSA-2010-0016.1"]}]}, "score": {"value": 0.8, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2009:0057", "CESA-2009:1066", "CESA-2009:1490", "CESA-2010:0029", "CESA-2010:0129", "CESA-2010:0329", "CESA-2010:0490", "CESA-2010:0519", "CESA-2010:0520", "CESA-2011:0908", "CESA-2011:0909"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2010-039"]}, {"type": "cve", "idList": ["CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-2964", "CVE-2009-4212", "CVE-2010-0186", "CVE-2010-0187", "CVE-2010-0283", "CVE-2010-0302", "CVE-2010-0540", "CVE-2010-0541", "CVE-2010-0545", "CVE-2010-0546", "CVE-2010-0734", "CVE-2010-1320", "CVE-2010-1373", "CVE-2010-1374", "CVE-2010-1376", "CVE-2010-1377", "CVE-2010-1379", "CVE-2010-1380", "CVE-2010-1381", "CVE-2010-1382", "CVE-2010-1411"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1802-1:4EDD5", "DEBIAN:DSA-2023-1:78B2A"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2010-0302", "DEBIANCVE:CVE-2010-0540", "DEBIANCVE:CVE-2010-0734", "DEBIANCVE:CVE-2010-1748"]}, {"type": "fedora", "idList": ["FEDORA:431E7111A04", "FEDORA:C172110FA46", "FEDORA:E756210FACD"]}, {"type": "freebsd", "idList": ["313DA7DC-763B-11DF-BCCE-0018F3E2EB82", "34E0316A-AA91-11DF-8C2E-001517289BF8", "86B8B655-4D1A-11DF-83FB-0015587E2CC1", "9AC0F9C4-492B-11DF-83FB-0015587E2CC1", "C8C31C41-49ED-11DF-83FB-0015587E2CC1", "FF6519AD-18E5-11DF-9BDD-001B2134EF46"]}, {"type": "gentoo", "idList": ["GLSA-201207-10"]}, {"type": "jvn", "idList": ["JVN:30881447"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-DESKTOPSERVICES-CVE-2010-0545/", "MSF:ILITIES/APPLE-OSX-FOLDERMANAGER-CVE-2010-0546/", "MSF:ILITIES/APPLE-OSX-HELPVIEWER-CVE-2010-1373/", "MSF:ILITIES/APPLE-OSX-ICHAT-CVE-2010-1374/", "MSF:ILITIES/APPLE-OSX-IMAGEIO-CVE-2010-1816/", "MSF:ILITIES/APPLE-OSX-NETWORKAUTHORIZATION-CVE-2010-1376/", "MSF:ILITIES/APPLE-OSX-OPENDIRECTORY-CVE-2010-1377/", "MSF:ILITIES/APPLE-OSX-PRINTERSETUP-CVE-2010-1379/", "MSF:ILITIES/APPLE-OSX-PRINTING-CVE-2010-1380/", "MSF:ILITIES/APPLE-OSX-WIKISERVER-CVE-2010-1382/"]}, {"type": "nessus", "idList": ["5573.PRM", "ADOBE_AIR_APSB10-06.NASL", "CENTOS_RHSA-2010-0519.NASL", "FEDORA_2009-8797.NASL", "FEDORA_2009-8822.NASL", "FEDORA_2010-1722.NASL", "FEDORA_2010-2762.NASL", "FREEBSD_PKG_313DA7DC763B11DFBCCE0018F3E2EB82.NASL", "MANDRIVA_MDVSA-2010-233.NASL", "ORACLELINUX_ELSA-2009-1595.NASL", "ORACLELINUX_ELSA-2010-0329.NASL", "REDHAT-RHSA-2009-0057.NASL", "SLACKWARE_SSA_2010-176-05.NASL", "SL_20100617_CUPS_ON_SL3_X.NASL", "SUSE_11_0_ACROREAD-100225.NASL", "SUSE_11_3_CUPS-101124.NASL", "SUSE_11_RUBY-110517.NASL", "UBUNTU_USN-906-1.NASL", "VMWARE_VMSA-2010-0015_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103454", "OPENVAS:1361412562310122481", "OPENVAS:136141256231064063", "OPENVAS:136141256231069111", "OPENVAS:136141256231072419", "OPENVAS:1361412562310830877", "OPENVAS:1361412562310861974", "OPENVAS:1361412562310862220", "OPENVAS:1361412562310862228", "OPENVAS:1361412562310870449", "OPENVAS:65731", "OPENVAS:70814", "OPENVAS:830888", "OPENVAS:862222"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1066", "ELSA-2009-1490", "ELSA-2010-0029", "ELSA-2010-0129", "ELSA-2010-0329", "ELSA-2010-0490"]}, {"type": "redhat", "idList": ["RHSA-2009:0057", "RHSA-2009:1066", "RHSA-2009:1490", "RHSA-2010:0029", "RHSA-2010:0129"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26399"]}, {"type": "slackware", "idList": ["SSA-2010-180-02"]}, {"type": "suse", "idList": ["SUSE-SA:2010:006"]}, {"type": "threatpost", "idList": ["THREATPOST:6CB2F078F2F28D2E3B374AC41E31FF3B"]}, {"type": "ubuntu", "idList": ["USN-1158-1", "USN-940-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1581", "UB:CVE-2010-0283", "UB:CVE-2010-0302"]}, {"type": "vmware", "idList": ["VMSA-2010-0016.1"]}]}, "exploitation": null, "vulnersScore": 0.8}, "pluginID": "47023", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3000) exit(0);\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(47023);\n script_version(\"1.22\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2009-1578\",\n \"CVE-2009-1579\",\n \"CVE-2009-1580\",\n \"CVE-2009-1581\",\n \"CVE-2009-2964\",\n \"CVE-2009-4212\",\n \"CVE-2010-0186\",\n \"CVE-2010-0187\",\n \"CVE-2010-0283\",\n \"CVE-2010-0302\",\n \"CVE-2010-0540\",\n \"CVE-2010-0541\",\n \"CVE-2010-0545\",\n \"CVE-2010-0546\",\n \"CVE-2010-0734\",\n \"CVE-2010-1320\",\n \"CVE-2010-1373\",\n \"CVE-2010-1374\",\n \"CVE-2010-1376\",\n \"CVE-2010-1377\",\n \"CVE-2010-1379\",\n \"CVE-2010-1380\",\n \"CVE-2010-1381\",\n \"CVE-2010-1382\",\n \"CVE-2010-1411\",\n \"CVE-2010-1748\",\n \"CVE-2010-1816\",\n \"CVE-2010-1821\"\n );\n script_bugtraq_id(\n 34916,\n 36196,\n 37749,\n 38198,\n 38200,\n 38260,\n 38510,\n 39599,\n 40886,\n 40887,\n 40888,\n 40889,\n 40892,\n 40893,\n 40895,\n 40897,\n 40902,\n 40903,\n 40905\n );\n\n script_name(english:\"Mac OS X 10.6.x < 10.6.4 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Mac OS X\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes various\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is running a version of Mac OS X 10.6.x that is prior\nto 10.6.4.\n\nMac OS X 10.6.4 contains security fixes for the following components :\n\n - CUPS\n - DesktopServices\n - Flash Player plug-in\n - Folder Manager\n - Help Viewer\n - iChat\n - ImageIO\n - Kerberos\n - Kernel\n - libcurl\n - Network Authorization\n - Open Directory\n - Printer Setup\n - Printing\n - Ruby\n - SMB File Server\n - SquirrelMail\n - Wiki Server\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT4188\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2010/Jun/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Mac OS X 10.6.4 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(20, 79, 94, 189, 287, 352, 399);\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n \n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n\n exit(0);\n}\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item(\"Host/OS\");\n if (isnull(os)) exit(1, \"The 'Host/OS' KB item is missing.\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) exit(0, \"The 'Host/MacOSX/Version' KB item is missing.\");\n\n\nif (ereg(pattern:\"Mac OS X 10\\.6($|\\.[0-3]([^0-9]|$))\", string:os)) security_hole(0);\nelse exit(0, \"The host is not affected as it is running \"+os+\".\");\n", "naslFamily": "MacOS X Local Security Checks", "cpe": ["cpe:/o:apple:mac_os_x"], "solution": "Upgrade to Mac OS X 10.6.4 or later.", "nessusSeverity": "Critical", "cvssScoreSource": "", "vpr": {"risk factor": "High", "score": "7.4"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2010-06-15T00:00:00", "vulnerabilityPublicationDate": "2009-05-08T00:00:00", "exploitableWith": ["Core Impact"], "_state": {"dependencies": 1660012827, "score": 1659910520}, "_internal": {"score_hash": "83eed1bdd8bb322f74bd49ebfe1c25b6"}}

{"nessus": [{"lastseen": "2021-08-19T13:03:51", "description": "Versions of Mac OS X 10.6 earlier than 10.6.4 are potentially affected by multiple vulnerabilities. Mac OS X 10.6.4 contains security fixes for the following products :\n\n - CUPS\n\n - DesktopServices\n\n - Flash Player plug-in\n\n - Folder Manager\n\n - Help Viewer\n\n - iChat\n\n - ImageIO\n\nKerberos\n\n - libcurl\n\n - Network Authorization\n\n - Open Directory\n\n - Printer Setup\n\n - Printing\n\n - Ruby\n\n - SMB File Server\n\n - SquirrelMail\n\n - Wiki Server", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2010-06-15T00:00:00", "type": "nessus", "title": "Mac OS X 10.6 < 10.6.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578", "CVE-2009-1579", "CVE-2010-0302", "CVE-2010-0734", "CVE-2010-0186", "CVE-2010-1411", "CVE-2009-4212", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0541", "CVE-2010-0187", "CVE-2009-2964", "CVE-2010-1320", "CVE-2010-0283", "CVE-2010-1374", "CVE-2010-1377", "CVE-2010-1380", "CVE-2010-0543", "CVE-2010-0545", "CVE-2010-0546", "CVE-2010-1373", "CVE-2010-1376", "CVE-2010-1379", "CVE-2010-1381", "CVE-2010-1382"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "5571.PRM", "href": "https://www.tenable.com/plugins/nnm/5571", "sourceData": "Binary data 5571.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:50", "description": "Versions of Mac OS X 10.6 earlier than 10.6.4 are potentially affected by multiple vulnerabilities. Mac OS X 10.6.4 contains security fixes for the following products :\n\n - CUPS\n\n - DesktopServices\n\n - Flash Player plug-in\n\n - Folder Manager\n\n - Help Viewer\n\n - iChat\n\n - ImageIO\n\nKerberos\n\n - libcurl\n\n - Network Authorization\n\n - Open Directory\n\n - Printer Setup\n\n - Printing\n\n - Ruby\n\n - SMB File Server\n\n - SquirrelMail\n\n - Wiki Server", "cvss3": {"score": null, "vector": null}, "published": "2010-06-15T00:00:00", "type": "nessus", "title": "Mac OS X 10.6 < 10.6.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578", "CVE-2009-1579", "CVE-2010-0302", "CVE-2010-0734", "CVE-2010-0186", "CVE-2010-1411", "CVE-2009-4212", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0541", "CVE-2010-0187", "CVE-2009-2964", "CVE-2010-1320", "CVE-2010-0283", "CVE-2010-1374", "CVE-2010-1377", "CVE-2010-1380", "CVE-2010-0543", "CVE-2010-0545", "CVE-2010-0546", "CVE-2010-1373", "CVE-2010-1376", "CVE-2010-1379", "CVE-2010-1381", "CVE-2010-1382"], "modified": "2010-06-15T00:00:00", "cpe": [], "id": "800793.PRM", "href": "https://www.tenable.com/plugins/lce/800793", "sourceData": "Binary data 800793.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T15:28:51", "description": "The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2010-004 applied. \n\nThis security update contains fixes for the following components :\n\n - CUPS\n - DesktopServices\n - Flash Player plug-in\n - Folder Manager\n - iChat\n - ImageIO\n - Kerberos\n - Kernel\n - libcurl\n - Network Authorization\n - Ruby\n - SMB File Server\n - SquirrelMail\n - Wiki Server", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2010-06-15T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2010-004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-2964", "CVE-2009-4212", "CVE-2010-0186", "CVE-2010-0187", "CVE-2010-0302", "CVE-2010-0540", "CVE-2010-0541", "CVE-2010-0543", "CVE-2010-0545", "CVE-2010-0546", "CVE-2010-0734", "CVE-2010-1374", "CVE-2010-1375", "CVE-2010-1381", "CVE-2010-1382", "CVE-2010-1411", "CVE-2010-1748", "CVE-2010-1816", "CVE-2010-1821"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2010-004.NASL", "href": "https://www.tenable.com/plugins/nessus/47024", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3000) exit(0);\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(47024);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2009-1578\",\n \"CVE-2009-1579\",\n \"CVE-2009-1580\",\n \"CVE-2009-1581\",\n \"CVE-2009-2964\",\n \"CVE-2009-4212\",\n \"CVE-2010-0186\",\n \"CVE-2010-0187\",\n \"CVE-2010-0302\",\n \"CVE-2010-0540\",\n \"CVE-2010-0541\",\n \"CVE-2010-0543\",\n \"CVE-2010-0545\",\n \"CVE-2010-0546\",\n \"CVE-2010-0734\",\n \"CVE-2010-1374\",\n \"CVE-2010-1375\",\n \"CVE-2010-1381\",\n \"CVE-2010-1382\",\n \"CVE-2010-1411\",\n \"CVE-2010-1748\",\n \"CVE-2010-1816\",\n \"CVE-2010-1821\"\n );\n script_bugtraq_id(\n 34916,\n 36196,\n 37749,\n 38198,\n 38200,\n 38510,\n 40887,\n 40889,\n 40892,\n 40893,\n 40894,\n 40895,\n 40896,\n 40897,\n 40898\n );\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2010-004)\");\n script_summary(english:\"Check for the presence of Security Update 2010-004\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes a security\nissue.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is running a version of Mac OS X 10.5 that does not\nhave Security Update 2010-004 applied. \n\nThis security update contains fixes for the following components :\n\n - CUPS\n - DesktopServices\n - Flash Player plug-in\n - Folder Manager\n - iChat\n - ImageIO\n - Kerberos\n - Kernel\n - libcurl\n - Network Authorization\n - Ruby\n - SMB File Server\n - SquirrelMail\n - Wiki Server\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT4188\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2010/Jun/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install Security Update 2010-004 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 94, 189, 287, 352, 399);\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\", \"Host/uname\");\n\n exit(0);\n}\n\n\nuname = get_kb_item(\"Host/uname\");\nif (!uname) exit(1, \"The 'Host/uname' KB item is missing.\");\n\npat = \"^.+Darwin.* ([0-9]+\\.[0-9.]+).*$\";\nif (!ereg(pattern:pat, string:uname)) exit(1, \"Can't identify the Darwin kernel version from the uname output (\"+uname+\").\");\n\n\ndarwin = ereg_replace(pattern:pat, replace:\"\\1\", string:uname);\nif (ereg(pattern:\"^9\\.[0-8]\\.\", string:darwin))\n{\n packages = get_kb_item(\"Host/MacOSX/packages/boms\");\n if (!packages) exit(1, \"The 'Host/MacOSX/packages/boms' KB item is missing.\");\n\n if (egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.(2010\\.00[4-9]|201[1-9]\\.[0-9]+)(\\.leopard)?\\.bom\", string:packages)) \n exit(0, \"The host has Security Update 2010-004 or later installed and therefore is not affected.\");\n else \n security_hole(0);\n}\nelse exit(0, \"The host is running Darwin kernel version \"+darwin+\" and therefore is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:42", "description": "- Tue May 12 2009 Michal Hlavinka <mhlavink at redhat.com>\n - 1.4.18-1\n\n - updated to 1.4.18\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-05-13T00:00:00", "type": "nessus", "title": "Fedora 11 : squirrelmail-1.4.18-1.fc11 (2009-4875)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squirrelmail", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-4875.NASL", "href": "https://www.tenable.com/plugins/nessus/38749", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-4875.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38749);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\");\n script_xref(name:\"FEDORA\", value:\"2009-4875\");\n\n script_name(english:\"Fedora 11 : squirrelmail-1.4.18-1.fc11 (2009-4875)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Tue May 12 2009 Michal Hlavinka <mhlavink at redhat.com>\n - 1.4.18-1\n\n - updated to 1.4.18\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500358\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500363\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/023473.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2ce447f4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 94, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"squirrelmail-1.4.18-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:07:49", "description": "squirrelmail is now able to work with unsigned 32bit UID values with 32-bit version of php\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-05-13T00:00:00", "type": "nessus", "title": "Fedora 10 : squirrelmail-1.4.18-1.fc10 (2009-4880)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squirrelmail", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-4880.NASL", "href": "https://www.tenable.com/plugins/nessus/38750", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-4880.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38750);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\");\n script_xref(name:\"FEDORA\", value:\"2009-4880\");\n\n script_name(english:\"Fedora 10 : squirrelmail-1.4.18-1.fc10 (2009-4880)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"squirrelmail is now able to work with unsigned 32bit UID values with\n32-bit version of php\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500358\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500363\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/023478.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8e214ce9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 94, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"squirrelmail-1.4.18-1.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:07:42", "description": "Multiple vulnerabilities have been fixed in SquirrelMail: an XSS and input sanitization bug (both CVE-2009-1578), a server-side code execution (CVE-2009-1579), a login session hijacking bug (CVE-2009-1580) and another bug that allowed phishing and XSS attacks (CVE-2009-1581).", "cvss3": {"score": null, "vector": null}, "published": "2009-05-14T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : squirrelmail (squirrelmail-6242)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:squirrelmail", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_SQUIRRELMAIL-6242.NASL", "href": "https://www.tenable.com/plugins/nessus/38776", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update squirrelmail-6242.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38776);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\");\n\n script_name(english:\"openSUSE 10 Security Update : squirrelmail (squirrelmail-6242)\");\n script_summary(english:\"Check for the squirrelmail-6242 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been fixed in SquirrelMail: an XSS and\ninput sanitization bug (both CVE-2009-1578), a server-side code\nexecution (CVE-2009-1579), a login session hijacking bug\n(CVE-2009-1580) and another bug that allowed phishing and XSS attacks\n(CVE-2009-1581).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 94, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"squirrelmail-1.4.18-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SquirrelMail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:19:33", "description": "The remote host is running SquirrelMail, a web-based email client. The installed version of SquirrelMail is affected by multiple vulnerabilities : \n\n - Multiple cross-site scripting vulnerabilities.\n\n - A code-injection vulnerability affects the 'map_yp_alias' function which an attacker could exploit to execute arbitrary code subject to the privileges of the web server.\n\n - Multiple session-fixation issues could allow an attacker to steal an unsuspecting user's session.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2004-08-18T00:00:00", "type": "nessus", "title": "SquirrelMail < 1.4.18 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578", "CVE-2009-1579"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*"], "id": "5037.PRM", "href": "https://www.tenable.com/plugins/nnm/5037", "sourceData": "Binary data 5037.prm", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:07:49", "description": "Several remote vulnerabilities have been discovered in SquirrelMail, a webmail application. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-1578 Cross site scripting was possible through a number of pages which allowed an attacker to steal sensitive session data.\n\n - CVE-2009-1579, CVE-2009-1381 Code injection was possible when SquirrelMail was configured to use the map_yp_alias function to authenticate users. This is not the default.\n\n - CVE-2009-1580 It was possible to hijack an active user session by planting a specially crafted cookie into the user's browser.\n\n - CVE-2009-1581 Specially crafted HTML emails could use the CSS positioning feature to place email content over the SquirrelMail user interface, allowing for phishing.", "cvss3": {"score": null, "vector": null}, "published": "2009-05-20T00:00:00", "type": "nessus", "title": "Debian DSA-1802-2 : squirrelmail - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1381", "CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:squirrelmail", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1802.NASL", "href": "https://www.tenable.com/plugins/nessus/38859", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1802. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38859);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-1381\", \"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\");\n script_xref(name:\"DSA\", value:\"1802\");\n\n script_name(english:\"Debian DSA-1802-2 : squirrelmail - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in SquirrelMail, a\nwebmail application. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2009-1578\n Cross site scripting was possible through a number of\n pages which allowed an attacker to steal sensitive\n session data.\n\n - CVE-2009-1579, CVE-2009-1381\n Code injection was possible when SquirrelMail was\n configured to use the map_yp_alias function to\n authenticate users. This is not the default.\n\n - CVE-2009-1580\n It was possible to hijack an active user session by\n planting a specially crafted cookie into the user's\n browser.\n\n - CVE-2009-1581\n Specially crafted HTML emails could use the CSS\n positioning feature to place email content over the\n SquirrelMail user interface, allowing for phishing.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1578\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1580\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1581\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1802\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the squirrelmail package.\n\nFor the old stable distribution (etch), these problems have been fixed\nin version 1.4.9a-5.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.4.15-4+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 94, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"squirrelmail\", reference:\"1.4.9a-5\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"squirrelmail\", reference:\"1.4.15-4+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:07", "description": "The remote host is affected by the vulnerability described in GLSA-201001-08 (SquirrelMail: Multiple vulnerabilities)\n\n Multiple vulnerabilities were found in SquirrelMail:\n Niels Teusink reported multiple input sanitation flaws in certain encrypted strings in e-mail headers, related to contrib/decrypt_headers.php, PHP_SELF and the query string (aka QUERY_STRING) (CVE-2009-1578).\n Niels Teusink also reported that the map_yp_alias() function in functions/imap_general.php does not filter shell metacharacters in a username and that the original patch was incomplete (CVE-2009-1381, CVE-2009-1579).\n Tomas Hoger discovered an unspecified session fixation vulnerability (CVE-2009-1580).\n Luc Beurton reported that functions/mime.php does not protect the application's content from Cascading Style Sheets (CSS) positioning in HTML e-mail messages (CVE-2009-1581).\n Impact :\n\n The vulnerabilities allow remote attackers to execute arbitrary code with the privileges of the user running the web server, to hijack web sessions via a crafted cookie, to spoof the user interface and to conduct Cross-Site Scripting and phishing attacks, via a specially crafted message.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2010-02-25T00:00:00", "type": "nessus", "title": "GLSA-201001-08 : SquirrelMail: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1381", "CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:squirrelmail", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201001-08.NASL", "href": "https://www.tenable.com/plugins/nessus/44897", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201001-08.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44897);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1381\", \"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\");\n script_xref(name:\"GLSA\", value:\"201001-08\");\n\n script_name(english:\"GLSA-201001-08 : SquirrelMail: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201001-08\n(SquirrelMail: Multiple vulnerabilities)\n\n Multiple vulnerabilities were found in SquirrelMail:\n Niels\n Teusink reported multiple input sanitation flaws in certain encrypted\n strings in e-mail headers, related to contrib/decrypt_headers.php,\n PHP_SELF and the query string (aka QUERY_STRING) (CVE-2009-1578).\n Niels Teusink also reported that the map_yp_alias() function\n in functions/imap_general.php does not filter shell metacharacters in a\n username and that the original patch was incomplete (CVE-2009-1381,\n CVE-2009-1579).\n Tomas Hoger discovered an unspecified session fixation\n vulnerability (CVE-2009-1580).\n Luc Beurton reported that functions/mime.php does not protect\n the application's content from Cascading Style Sheets (CSS) positioning\n in HTML e-mail messages (CVE-2009-1581).\n \nImpact :\n\n The vulnerabilities allow remote attackers to execute arbitrary code\n with the privileges of the user running the web server, to hijack web\n sessions via a crafted cookie, to spoof the user interface and to\n conduct Cross-Site Scripting and phishing attacks, via a specially\n crafted message.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201001-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All SquirrelMail users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/squirrelmail-1.4.19'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 94, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"mail-client/squirrelmail\", unaffected:make_list(\"ge 1.4.19\"), vulnerable:make_list(\"lt 1.4.19\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SquirrelMail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:38", "description": "A server-side code injection flaw was found in the SquirrelMail 'map_yp_alias' function. If SquirrelMail was configured to retrieve a user's IMAP server address from a Network Information Service (NIS) server via the 'map_yp_alias' function, an unauthenticated, remote attacker using a specially crafted username could use this flaw to execute arbitrary code with the privileges of the web server.\n(CVE-2009-1579)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nAn attacker could construct a carefully crafted URL, which once visited by an unsuspecting user, could cause the user's web browser to execute malicious script in the context of the visited SquirrelMail web page. (CVE-2009-1578)\n\nIt was discovered that SquirrelMail did not properly sanitize Cascading Style Sheets (CSS) directives used in HTML mail. A remote attacker could send a specially crafted email that could place mail content above SquirrelMail's controls, possibly allowing phishing and cross-site scripting attacks. (CVE-2009-1581)", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : squirrelmail on SL3.x, SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1581"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090526_SQUIRRELMAIL_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60590", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60590);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1581\");\n\n script_name(english:\"Scientific Linux Security Update : squirrelmail on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A server-side code injection flaw was found in the SquirrelMail\n'map_yp_alias' function. If SquirrelMail was configured to retrieve a\nuser's IMAP server address from a Network Information Service (NIS)\nserver via the 'map_yp_alias' function, an unauthenticated, remote\nattacker using a specially crafted username could use this flaw to\nexecute arbitrary code with the privileges of the web server.\n(CVE-2009-1579)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nAn attacker could construct a carefully crafted URL, which once\nvisited by an unsuspecting user, could cause the user's web browser to\nexecute malicious script in the context of the visited SquirrelMail\nweb page. (CVE-2009-1578)\n\nIt was discovered that SquirrelMail did not properly sanitize\nCascading Style Sheets (CSS) directives used in HTML mail. A remote\nattacker could send a specially crafted email that could place mail\ncontent above SquirrelMail's controls, possibly allowing phishing and\ncross-site scripting attacks. (CVE-2009-1581)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0905&L=scientific-linux-errata&T=0&P=2031\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?13ecbedc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"squirrelmail-1.4.8-13.el3\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"squirrelmail-1.4.8-5.el4_8.5\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"squirrelmail-1.4.8-5.el5_3.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:48:25", "description": "- Tue May 12 2009 Michal Hlavinka <mhlavink at redhat.com>\n - 1.4.18-1\n\n - update to 1.4.18 (fixes CVE-2009-1581)\n\n - Thu Dec 4 2008 Michal Hlavinka <mhlavink at redhat.com> - 1.4.17-1\n\n - update to 1.4.17 (fixes CVE-2008-2379)\n\n - Wed Oct 1 2008 Michal Hlavinka <mhlavink at redhat.com> - 1.4.16-1\n\n - update to 1.4.16\n\n - resolves: #464185: CVE-2008-3663 Squirrelmail session hijacking\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-05-13T00:00:00", "type": "nessus", "title": "Fedora 9 : squirrelmail-1.4.18-1.fc9 (2009-4870)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2379", "CVE-2008-3663", "CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squirrelmail", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2009-4870.NASL", "href": "https://www.tenable.com/plugins/nessus/38748", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-4870.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38748);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\");\n script_xref(name:\"FEDORA\", value:\"2009-4870\");\n\n script_name(english:\"Fedora 9 : squirrelmail-1.4.18-1.fc9 (2009-4870)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Tue May 12 2009 Michal Hlavinka <mhlavink at redhat.com>\n - 1.4.18-1\n\n - update to 1.4.18 (fixes CVE-2009-1581)\n\n - Thu Dec 4 2008 Michal Hlavinka <mhlavink at\n redhat.com> - 1.4.17-1\n\n - update to 1.4.17 (fixes CVE-2008-2379)\n\n - Wed Oct 1 2008 Michal Hlavinka <mhlavink at\n redhat.com> - 1.4.16-1\n\n - update to 1.4.16\n\n - resolves: #464185: CVE-2008-3663 Squirrelmail session\n hijacking\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500358\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500363\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/023467.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e9d75ec7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 94, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"squirrelmail-1.4.18-1.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:07:50", "description": "An updated squirrelmail package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nA server-side code injection flaw was found in the SquirrelMail 'map_yp_alias' function. If SquirrelMail was configured to retrieve a user's IMAP server address from a Network Information Service (NIS) server via the 'map_yp_alias' function, an unauthenticated, remote attacker using a specially crafted username could use this flaw to execute arbitrary code with the privileges of the web server.\n(CVE-2009-1579)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nAn attacker could construct a carefully crafted URL, which once visited by an unsuspecting user, could cause the user's web browser to execute malicious script in the context of the visited SquirrelMail web page. (CVE-2009-1578)\n\nIt was discovered that SquirrelMail did not properly sanitize Cascading Style Sheets (CSS) directives used in HTML mail. A remote attacker could send a specially crafted email that could place mail content above SquirrelMail's controls, possibly allowing phishing and cross-site scripting attacks. (CVE-2009-1581)\n\nUsers of squirrelmail should upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-05-28T00:00:00", "type": "nessus", "title": "CentOS 3 / 5 : squirrelmail (CESA-2009:1066)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1381", "CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1581"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:squirrelmail", "cpe:/o:centos:centos:3", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2009-1066.NASL", "href": "https://www.tenable.com/plugins/nessus/38930", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1066 and \n# CentOS Errata and Security Advisory 2009:1066 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38930);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-1381\", \"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1581\");\n script_xref(name:\"RHSA\", value:\"2009:1066\");\n\n script_name(english:\"CentOS 3 / 5 : squirrelmail (CESA-2009:1066)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated squirrelmail package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nA server-side code injection flaw was found in the SquirrelMail\n'map_yp_alias' function. If SquirrelMail was configured to retrieve a\nuser's IMAP server address from a Network Information Service (NIS)\nserver via the 'map_yp_alias' function, an unauthenticated, remote\nattacker using a specially crafted username could use this flaw to\nexecute arbitrary code with the privileges of the web server.\n(CVE-2009-1579)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nAn attacker could construct a carefully crafted URL, which once\nvisited by an unsuspecting user, could cause the user's web browser to\nexecute malicious script in the context of the visited SquirrelMail\nweb page. (CVE-2009-1578)\n\nIt was discovered that SquirrelMail did not properly sanitize\nCascading Style Sheets (CSS) directives used in HTML mail. A remote\nattacker could send a specially crafted email that could place mail\ncontent above SquirrelMail's controls, possibly allowing phishing and\ncross-site scripting attacks. (CVE-2009-1581)\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015945.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1f75d4be\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015946.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?166111da\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015947.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b6dc56e3\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015948.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ca17c7b1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"squirrelmail-1.4.8-13.el3.centos.1\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"squirrelmail-1.4.8-13.el3.centos.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"squirrelmail-1.4.8-5.el5.centos.7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:07:50", "description": "An updated squirrelmail package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nA server-side code injection flaw was found in the SquirrelMail 'map_yp_alias' function. If SquirrelMail was configured to retrieve a user's IMAP server address from a Network Information Service (NIS) server via the 'map_yp_alias' function, an unauthenticated, remote attacker using a specially crafted username could use this flaw to execute arbitrary code with the privileges of the web server.\n(CVE-2009-1579)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nAn attacker could construct a carefully crafted URL, which once visited by an unsuspecting user, could cause the user's web browser to execute malicious script in the context of the visited SquirrelMail web page. (CVE-2009-1578)\n\nIt was discovered that SquirrelMail did not properly sanitize Cascading Style Sheets (CSS) directives used in HTML mail. A remote attacker could send a specially crafted email that could place mail content above SquirrelMail's controls, possibly allowing phishing and cross-site scripting attacks. (CVE-2009-1581)\n\nUsers of squirrelmail should upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-05-27T00:00:00", "type": "nessus", "title": "RHEL 3 / 4 / 5 : squirrelmail (RHSA-2009:1066)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1381", "CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1581"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:squirrelmail", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3"], "id": "REDHAT-RHSA-2009-1066.NASL", "href": "https://www.tenable.com/plugins/nessus/38922", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1066. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38922);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1381\", \"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1581\");\n script_xref(name:\"RHSA\", value:\"2009:1066\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : squirrelmail (RHSA-2009:1066)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated squirrelmail package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nA server-side code injection flaw was found in the SquirrelMail\n'map_yp_alias' function. If SquirrelMail was configured to retrieve a\nuser's IMAP server address from a Network Information Service (NIS)\nserver via the 'map_yp_alias' function, an unauthenticated, remote\nattacker using a specially crafted username could use this flaw to\nexecute arbitrary code with the privileges of the web server.\n(CVE-2009-1579)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nAn attacker could construct a carefully crafted URL, which once\nvisited by an unsuspecting user, could cause the user's web browser to\nexecute malicious script in the context of the visited SquirrelMail\nweb page. (CVE-2009-1578)\n\nIt was discovered that SquirrelMail did not properly sanitize\nCascading Style Sheets (CSS) directives used in HTML mail. A remote\nattacker could send a specially crafted email that could place mail\ncontent above SquirrelMail's controls, possibly allowing phishing and\ncross-site scripting attacks. (CVE-2009-1581)\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1578\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1581\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squirrelmail.org/security/issue/2009-05-08\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squirrelmail.org/security/issue/2009-05-10\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squirrelmail.org/security/issue/2009-05-12\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1066\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1066\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"squirrelmail-1.4.8-13.el3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"squirrelmail-1.4.8-5.el4_8.5\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"squirrelmail-1.4.8-5.el5_3.7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:54:35", "description": "From Red Hat Security Advisory 2009:1066 :\n\nAn updated squirrelmail package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nA server-side code injection flaw was found in the SquirrelMail 'map_yp_alias' function. If SquirrelMail was configured to retrieve a user's IMAP server address from a Network Information Service (NIS) server via the 'map_yp_alias' function, an unauthenticated, remote attacker using a specially crafted username could use this flaw to execute arbitrary code with the privileges of the web server.\n(CVE-2009-1579)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nAn attacker could construct a carefully crafted URL, which once visited by an unsuspecting user, could cause the user's web browser to execute malicious script in the context of the visited SquirrelMail web page. (CVE-2009-1578)\n\nIt was discovered that SquirrelMail did not properly sanitize Cascading Style Sheets (CSS) directives used in HTML mail. A remote attacker could send a specially crafted email that could place mail content above SquirrelMail's controls, possibly allowing phishing and cross-site scripting attacks. (CVE-2009-1581)\n\nUsers of squirrelmail should upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 / 4 / 5 : squirrelmail (ELSA-2009-1066)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1381", "CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1581"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:squirrelmail", "cpe:/o:oracle:linux:3", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-1066.NASL", "href": "https://www.tenable.com/plugins/nessus/67865", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1066 and \n# Oracle Linux Security Advisory ELSA-2009-1066 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67865);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1381\", \"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1581\");\n script_xref(name:\"RHSA\", value:\"2009:1066\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : squirrelmail (ELSA-2009-1066)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1066 :\n\nAn updated squirrelmail package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nA server-side code injection flaw was found in the SquirrelMail\n'map_yp_alias' function. If SquirrelMail was configured to retrieve a\nuser's IMAP server address from a Network Information Service (NIS)\nserver via the 'map_yp_alias' function, an unauthenticated, remote\nattacker using a specially crafted username could use this flaw to\nexecute arbitrary code with the privileges of the web server.\n(CVE-2009-1579)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nAn attacker could construct a carefully crafted URL, which once\nvisited by an unsuspecting user, could cause the user's web browser to\nexecute malicious script in the context of the visited SquirrelMail\nweb page. (CVE-2009-1578)\n\nIt was discovered that SquirrelMail did not properly sanitize\nCascading Style Sheets (CSS) directives used in HTML mail. A remote\nattacker could send a specially crafted email that could place mail\ncontent above SquirrelMail's controls, possibly allowing phishing and\ncross-site scripting attacks. (CVE-2009-1581)\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-May/001013.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-May/001014.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-May/001019.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"squirrelmail-1.4.8-13.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"squirrelmail-1.4.8-13.0.1.el3\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"squirrelmail-1.4.8-5.0.1.el4_8.5\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"squirrelmail-1.4.8-5.0.1.el5_3.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:04", "description": "The remote host contains a version of Adobe Flash Player that is earlier than 10.0.45.2. Such versions are potentially affected by multiple vulnerabilities : \n\n - An issue which could subvert the domain sandbox and make unauthorized cross-domain requests. (CVE-2010-0186)\n - An unspecified denial of service. (CVE-2010-0187)", "cvss3": {"score": 3.7, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2010-02-12T00:00:00", "type": "nessus", "title": "Flash Player < 10.0.45.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*"], "id": "5338.PRM", "href": "https://www.tenable.com/plugins/nnm/5338", "sourceData": "Binary data 5338.prm", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T13:05:10", "description": "Insufficient checks in flash-player allowed malicious flash applets to create illegal cross-domain requests (CVE-2010-0186). The update also fixes a denial of service condition (CVE-2010-0187).", "cvss3": {"score": null, "vector": null}, "published": "2010-02-17T00:00:00", "type": "nessus", "title": "openSUSE Security Update : flash-player (flash-player-1970)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:flash-player", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_FLASH-PLAYER-100214.NASL", "href": "https://www.tenable.com/plugins/nessus/44638", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update flash-player-1970.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44638);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n\n script_name(english:\"openSUSE Security Update : flash-player (flash-player-1970)\");\n script_summary(english:\"Check for the flash-player-1970 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Insufficient checks in flash-player allowed malicious flash applets to\ncreate illegal cross-domain requests (CVE-2010-0186). The update also\nfixes a denial of service condition (CVE-2010-0187).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=578997\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-player package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:flash-player\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"flash-player-10.0.45.2-0.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"flash-player\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:56:15", "description": "An updated Adobe Flash Player package that fixes two security issues is now available for Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.\n\nThis update fixes two vulnerabilities in Adobe Flash Player. These vulnerabilities are summarized on the Adobe Security Advisory APSB10-06 page listed in the References section. If a victim loaded a web page containing specially crafted SWF content, it could cause Flash Player to perform unauthorized cross-domain requests, leading to the disclosure of sensitive data. (CVE-2010-0186, CVE-2010-0187)\n\nAll users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.0.45.2.", "cvss3": {"score": null, "vector": null}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 5 : flash-plugin (RHSA-2010:0102)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:flash-plugin", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.4"], "id": "REDHAT-RHSA-2010-0102.NASL", "href": "https://www.tenable.com/plugins/nessus/63917", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0102. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63917);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n script_bugtraq_id(38198, 38200);\n script_xref(name:\"RHSA\", value:\"2010:0102\");\n\n script_name(english:\"RHEL 5 : flash-plugin (RHSA-2010:0102)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated Adobe Flash Player package that fixes two security issues\nis now available for Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe\nFlash Player web browser plug-in.\n\nThis update fixes two vulnerabilities in Adobe Flash Player. These\nvulnerabilities are summarized on the Adobe Security Advisory\nAPSB10-06 page listed in the References section. If a victim loaded a\nweb page containing specially crafted SWF content, it could cause\nFlash Player to perform unauthorized cross-domain requests, leading to\nthe disclosure of sensitive data. (CVE-2010-0186, CVE-2010-0187)\n\nAll users of Adobe Flash Player should install this updated package,\nwhich upgrades Flash Player to version 10.0.45.2.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-0186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-0187\"\n );\n # http://www.adobe.com/support/security/bulletins/apsb10-06.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/support/security/bulletins/apsb10-06.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0102\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-plugin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:flash-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0102\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"flash-plugin-10.0.45.2-1.el5\")) flag++;\n\n\n if (flag)\n {\n flash_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check only applies to RedHat released\\n' +\n 'versions of the flash-plugin package. This check does not apply to\\n' +\n 'Adobe released versions of the flash-plugin package, which are\\n' +\n 'versioned similarly and cause collisions in detection.\\n\\n' +\n\n 'If you are certain you are running the Adobe released package of\\n' +\n 'flash-plugin and are running a version of it equal or higher to the\\n' +\n 'RedHat version listed above then you can consider this a false\\n' +\n 'positive.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat() + flash_plugin_caveat\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"flash-plugin\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:17", "description": "The following bug has been fixed :\n\nInsufficient checks in flash-player allowed malicious flash applets to create illegal cross-domain requests (CVE-2010-0186). The update also fixes a denial of service condition. (CVE-2010-0187)", "cvss3": {"score": null, "vector": null}, "published": "2010-02-17T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : flash-player (SAT Patch Number 1977)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:flash-player", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_FLASH-PLAYER-100214.NASL", "href": "https://www.tenable.com/plugins/nessus/44639", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44639);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n\n script_name(english:\"SuSE 11 Security Update : flash-player (SAT Patch Number 1977)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following bug has been fixed :\n\nInsufficient checks in flash-player allowed malicious flash applets to\ncreate illegal cross-domain requests (CVE-2010-0186). The update also\nfixes a denial of service condition. (CVE-2010-0187)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=578997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0186.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0187.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 1977.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:flash-player\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"flash-player-10.0.45.2-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:10", "description": "Adobe Product Security Incident Response Team reports :\n\nA critical vulnerability has been identified in Adobe Flash Player version 10.0.42.34 and earlier. This vulnerability (CVE-2010-0186) could subvert the domain sandbox and make unauthorized cross-domain requests. This update also resolves a potential Denial of Service issue (CVE-2010-0187).", "cvss3": {"score": null, "vector": null}, "published": "2010-02-15T00:00:00", "type": "nessus", "title": "FreeBSD : linux-flashplugin -- multiple vulnerabilities (ff6519ad-18e5-11df-9bdd-001b2134ef46)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:linux-f10-flashplugin", "p-cpe:/a:freebsd:freebsd:linux-f8-flashplugin", "p-cpe:/a:freebsd:freebsd:linux-flashplugin", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_FF6519AD18E511DF9BDD001B2134EF46.NASL", "href": "https://www.tenable.com/plugins/nessus/44602", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44602);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n\n script_name(english:\"FreeBSD : linux-flashplugin -- multiple vulnerabilities (ff6519ad-18e5-11df-9bdd-001b2134ef46)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Adobe Product Security Incident Response Team reports :\n\nA critical vulnerability has been identified in Adobe Flash Player\nversion 10.0.42.34 and earlier. This vulnerability (CVE-2010-0186)\ncould subvert the domain sandbox and make unauthorized cross-domain\nrequests. This update also resolves a potential Denial of Service\nissue (CVE-2010-0187).\"\n );\n # http://www.adobe.com/support/security/bulletins/apsb10-06.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/support/security/bulletins/apsb10-06.html\"\n );\n # https://vuxml.freebsd.org/freebsd/ff6519ad-18e5-11df-9bdd-001b2134ef46.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c69348a2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-f10-flashplugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-f8-flashplugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-flashplugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"linux-flashplugin<9.0r262\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-f8-flashplugin<10.0r45\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-f10-flashplugin<10.0r45\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:17", "description": "Insufficient checks in flash-player allowed malicious flash applets to create illegal cross-domain requests (CVE-2010-0186). The update also fixes a denial of service condition (CVE-2010-0187).", "cvss3": {"score": null, "vector": null}, "published": "2010-02-17T00:00:00", "type": "nessus", "title": "openSUSE Security Update : flash-player (flash-player-1970)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:flash-player", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_FLASH-PLAYER-100214.NASL", "href": "https://www.tenable.com/plugins/nessus/44636", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update flash-player-1970.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44636);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n\n script_name(english:\"openSUSE Security Update : flash-player (flash-player-1970)\");\n script_summary(english:\"Check for the flash-player-1970 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Insufficient checks in flash-player allowed malicious flash applets to\ncreate illegal cross-domain requests (CVE-2010-0186). The update also\nfixes a denial of service condition (CVE-2010-0187).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=578997\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-player package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:flash-player\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"flash-player-10.0.45.2-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"flash-player\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:01:54", "description": "The following bug has been fixed: Insufficient checks in flash-player allowed malicious flash applets to create illegal cross-domain requests (CVE-2010-0186). The update also fixes a denial of service condition. (CVE-2010-0187)", "cvss3": {"score": null, "vector": null}, "published": "2011-01-27T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : flash-player (ZYPP Patch Number 6845)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_FLASH-PLAYER-6845.NASL", "href": "https://www.tenable.com/plugins/nessus/51735", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51735);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n\n script_name(english:\"SuSE 10 Security Update : flash-player (ZYPP Patch Number 6845)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following bug has been fixed: Insufficient checks in flash-player\nallowed malicious flash applets to create illegal cross-domain\nrequests (CVE-2010-0186). The update also fixes a denial of service\ncondition. (CVE-2010-0187)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0186.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0187.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6845.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"flash-player-9.0.262.0-0.4.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T15:10:55", "description": "The remote Windows host contains a version of Adobe Flash Player that is earlier than 10.0.45.2. Such versions are potentially affected by multiple vulnerabilities :\n\n - An issue that could subvert the domain sandbox and make unauthorized cross-domain requests. (CVE-2010-0186)\n\n - An unspecified denial of service. (CVE-2010-0187)", "cvss3": {"score": null, "vector": null}, "published": "2010-02-12T00:00:00", "type": "nessus", "title": "Flash Player < 10.0.45.2 Multiple Vulnerabilities (APSB10-06)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:adobe:flash_player"], "id": "FLASH_PLAYER_APSB10_06.NASL", "href": "https://www.tenable.com/plugins/nessus/44596", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44596);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n script_bugtraq_id(38198, 38200);\n script_xref(name:\"SECUNIA\", value:\"38547\");\n\n script_name(english:\"Flash Player < 10.0.45.2 Multiple Vulnerabilities (APSB10-06)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a browser plug-in that is affected\nby multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host contains a version of Adobe Flash Player that\nis earlier than 10.0.45.2. Such versions are potentially affected by\nmultiple vulnerabilities :\n\n - An issue that could subvert the domain sandbox and make\n unauthorized cross-domain requests. (CVE-2010-0186)\n\n - An unspecified denial of service. (CVE-2010-0187)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb10-06.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Flash Player 10.0.45.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:flash_player\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"flash_player_installed.nasl\");\n script_require_keys(\"SMB/Flash_Player/installed\");\n\n exit(0);\n}\n\nif (!get_kb_item(\"SMB/Flash_Player/installed\")) exit(1, \"The 'SMB/Flash_Player/installed' KB item is missing.\");\n\ninclude(\"global_settings.inc\");\n\ninfo = '';\n\nforeach variant (make_list(\"Plugin\", \"ActiveX\"))\n{\n vers = get_kb_list(\"SMB/Flash_Player/\"+variant+\"/Version/*\");\n files = get_kb_list(\"SMB/Flash_Player/\"+variant+\"/File/*\");\n if(!isnull(vers) && !isnull(files))\n {\n foreach key (keys(vers))\n {\n ver = vers[key];\n if (ver)\n {\n iver = split(ver, sep:'.', keep:FALSE);\n for(i=0;i<max_index(iver);i++)\n iver[i] = int(iver[i]);\n if (\n (\n iver[0] == 10 && iver[1] == 0 &&\n (\n iver[2] < 45 ||\n (iver[2] == 45 && iver[3] < 2)\n )\n )\n )\n {\n num = key - (\"SMB/Flash_Player/\"+variant+\"/Version/\");\n file = files[\"SMB/Flash_Player/\"+variant+\"/File/\"+num];\n if (variant == \"Plugin\")\n {\n info += ' - Browser Plugin (for Firefox / Netscape / Opera) :\\n';\n }\n else if (variant == \"ActiveX\")\n {\n info += ' - ActiveX control (for Internet Explorer) :\\n';\n }\n info += ' ' + file + ', '+ ver + '\\n';\n }\n }\n }\n }\n}\n\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 2)\n inst = \"s\";\n else\n inst = \"\";\n\n report = \n '\\n' +\n 'Nessus has identified the following vulnerable instance' + inst + ' of Flash\\n' +\n 'Player installed on the remote host :\\n' +\n '\\n'+\n info;\n security_warning(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_warning(get_kb_item(\"SMB/transport\"));\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T13:05:18", "description": "Insufficient checks in flash-player allowed malicious flash applets to create illegal cross-domain requests (CVE-2010-0186). The update also fixes a denial of service condition (CVE-2010-0187).", "cvss3": {"score": null, "vector": null}, "published": "2010-02-17T00:00:00", "type": "nessus", "title": "openSUSE Security Update : flash-player (flash-player-1970)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:flash-player", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_FLASH-PLAYER-100214.NASL", "href": "https://www.tenable.com/plugins/nessus/44637", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update flash-player-1970.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44637);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n\n script_name(english:\"openSUSE Security Update : flash-player (flash-player-1970)\");\n script_summary(english:\"Check for the flash-player-1970 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Insufficient checks in flash-player allowed malicious flash applets to\ncreate illegal cross-domain requests (CVE-2010-0186). The update also\nfixes a denial of service condition (CVE-2010-0187).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=578997\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-player package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:flash-player\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"flash-player-10.0.45.2-0.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"flash-player\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T15:11:08", "description": "The remote Windows host contains a version of Adobe AIR that is earlier than 1.5.3.9130 Such versions are potentially affected by multiple vulnerabilities :\n\n - An issue that could subvert the domain sandbox and make unauthorized cross-domain requests. (CVE-2010-0186)\n\n - An unspecified denial of service. (CVE-2010-0187)", "cvss3": {"score": null, "vector": null}, "published": "2010-02-12T00:00:00", "type": "nessus", "title": "Adobe AIR < 1.5.3.9130 Multiple Vulnerabilities (APSB10-06)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:adobe:air"], "id": "ADOBE_AIR_APSB10-06.NASL", "href": "https://www.tenable.com/plugins/nessus/44595", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44595);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n script_bugtraq_id(38198, 38200);\n script_xref(name:\"SECUNIA\", value:\"38547\");\n\n script_name(english:\"Adobe AIR < 1.5.3.9130 Multiple Vulnerabilities (APSB10-06)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a version of Adobe AIR that is \naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host contains a version of Adobe AIR that is\nearlier than 1.5.3.9130 Such versions are potentially affected by\nmultiple vulnerabilities :\n\n - An issue that could subvert the domain sandbox and make\n unauthorized cross-domain requests. (CVE-2010-0186)\n\n - An unspecified denial of service. (CVE-2010-0187)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb10-06.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe AIR 1.5.3.9130 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:air\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"adobe_air_installed.nasl\");\n script_require_keys(\"SMB/Adobe_AIR/Version\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\n\nversion_ui = get_kb_item(\"SMB/Adobe_AIR/Version_UI\");\nversion = get_kb_item(\"SMB/Adobe_AIR/Version\");\nif (isnull(version)) exit(1, \"The 'SMB/Adobe_AIR/Version' KB item is missing.\");\n\nif (isnull(version_ui)) version_report = version;\nelse version_report = version_ui;\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (\n ver[0] < 1 ||\n (\n ver[0] == 1 &&\n (\n ver[1] < 5 ||\n (\n ver[1] == 5 && \n (\n ver[2] < 3 ||\n (ver[2] == 3 && ver[3] < 9130)\n )\n )\n )\n )\n)\n{\n if (report_verbosity > 0)\n {\n report = \n '\\n' +\n 'Adobe AIR ' + version_report + ' is currently installed on the remote host.\\n';\n security_warning(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_warning(get_kb_item(\"SMB/transport\"));\n exit(0);\n}\nelse exit(0, \"The Adobe AIR \"+version_report+\" install is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T13:01:52", "description": "The following bug has been fixed: Insufficient checks in flash-player allowed malicious flash applets to create illegal cross-domain requests (CVE-2010-0186). The update also fixes a denial of service condition. (CVE-2010-0187)", "cvss3": {"score": null, "vector": null}, "published": "2011-01-27T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : flash-player (ZYPP Patch Number 6844)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_FLASH-PLAYER-6844.NASL", "href": "https://www.tenable.com/plugins/nessus/51734", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51734);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n\n script_name(english:\"SuSE 10 Security Update : flash-player (ZYPP Patch Number 6844)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following bug has been fixed: Insufficient checks in flash-player\nallowed malicious flash applets to create illegal cross-domain\nrequests (CVE-2010-0186). The update also fixes a denial of service\ncondition. (CVE-2010-0187)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0186.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0187.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6844.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"flash-player-9.0.262.0-0.4.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:48:17", "description": "- Fri May 22 2009 Michal Hlavinka <mhlavink at redhat.com>\n - 1.4.19-1\n\n - updated to 1.4.19\n\n - fixes CVE-2009-1579, CVE-2009-1580, CVE-2009-1581\n\n - Tue May 19 2009 Michal Hlavinka <mhlavink at redhat.com> - 1.4.18-2\n\n - fix undefined variable aSpamIds (#501260)\n\n - Tue May 12 2009 Michal Hlavinka <mhlavink at redhat.com> - 1.4.18-1\n\n - updated to 1.4.18\n\n - Wed Mar 18 2009 Michal Hlavinka <mhlavink at redhat.com> - 1.4.17-4\n\n - don't use white text (invisible on white paper) for highlighting in conf.pl (#427217)\n\n - Tue Mar 17 2009 Michal Hlavinka <mhlavink at redhat.com>\n - 1.4.17-3\n\n - dont use colors in conf.pl by default (#427217)\n\n - Thu Dec 4 2008 Michal Hlavinka <mhalvink at redhat.com> - 1.4.17-2\n\n - add missing locales\n\n - Thu Dec 4 2008 Michal Hlavinka <mhlavink at redhat.com> - 1.4.17-1\n\n - update to 1.4.17 (fixes CVE-2008-2379)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-05-26T00:00:00", "type": "nessus", "title": "Fedora 10 : squirrelmail-1.4.19-1.fc10 (2009-5350)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2379", "CVE-2009-1381", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squirrelmail", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-5350.NASL", "href": "https://www.tenable.com/plugins/nessus/38905", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-5350.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38905);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1381\", \"CVE-2009-1579\");\n script_xref(name:\"FEDORA\", value:\"2009-5350\");\n\n script_name(english:\"Fedora 10 : squirrelmail-1.4.19-1.fc10 (2009-5350)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fri May 22 2009 Michal Hlavinka <mhlavink at redhat.com>\n - 1.4.19-1\n\n - updated to 1.4.19\n\n - fixes CVE-2009-1579, CVE-2009-1580, CVE-2009-1581\n\n - Tue May 19 2009 Michal Hlavinka <mhlavink at\n redhat.com> - 1.4.18-2\n\n - fix undefined variable aSpamIds (#501260)\n\n - Tue May 12 2009 Michal Hlavinka <mhlavink at\n redhat.com> - 1.4.18-1\n\n - updated to 1.4.18\n\n - Wed Mar 18 2009 Michal Hlavinka <mhlavink at\n redhat.com> - 1.4.17-4\n\n - don't use white text (invisible on white paper) for\n highlighting in conf.pl (#427217)\n\n - Tue Mar 17 2009 Michal Hlavinka <mhlavink at redhat.com>\n - 1.4.17-3\n\n - dont use colors in conf.pl by default (#427217)\n\n - Thu Dec 4 2008 Michal Hlavinka <mhalvink at\n redhat.com> - 1.4.17-2\n\n - add missing locales\n\n - Thu Dec 4 2008 Michal Hlavinka <mhlavink at\n redhat.com> - 1.4.17-1\n\n - update to 1.4.17 (fixes CVE-2008-2379)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=502137\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024103.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a30fb10b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"squirrelmail-1.4.19-1.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:48:41", "description": "- Fri May 22 2009 Michal Hlavinka <mhlavink at redhat.com>\n - 1.4.19-1\n\n - updated to 1.4.19\n\n - fixes CVE-2009-1579, CVE-2009-1580, CVE-2009-1581\n\n - Tue May 19 2009 Michal Hlavinka <mhlavink at redhat.com> - 1.4.18-2\n\n - fix undefined variable aSpamIds (#501260)\n\n - Tue May 12 2009 Michal Hlavinka <mhlavink at redhat.com> - 1.4.18-1\n\n - update to 1.4.18 (fixes CVE-2009-1581)\n\n - Thu Dec 4 2008 Michal Hlavinka <mhlavink at redhat.com> - 1.4.17-1\n\n - update to 1.4.17 (fixes CVE-2008-2379)\n\n - Wed Oct 1 2008 Michal Hlavinka <mhlavink at redhat.com> - 1.4.16-1\n\n - update to 1.4.16\n\n - resolves: #464185: CVE-2008-3663 Squirrelmail session hijacking\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-05-26T00:00:00", "type": "nessus", "title": "Fedora 9 : squirrelmail-1.4.19-1.fc9 (2009-5471)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2379", "CVE-2008-3663", "CVE-2009-1381", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squirrelmail", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2009-5471.NASL", "href": "https://www.tenable.com/plugins/nessus/38908", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-5471.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38908);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1381\", \"CVE-2009-1579\");\n script_xref(name:\"FEDORA\", value:\"2009-5471\");\n\n script_name(english:\"Fedora 9 : squirrelmail-1.4.19-1.fc9 (2009-5471)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fri May 22 2009 Michal Hlavinka <mhlavink at redhat.com>\n - 1.4.19-1\n\n - updated to 1.4.19\n\n - fixes CVE-2009-1579, CVE-2009-1580, CVE-2009-1581\n\n - Tue May 19 2009 Michal Hlavinka <mhlavink at\n redhat.com> - 1.4.18-2\n\n - fix undefined variable aSpamIds (#501260)\n\n - Tue May 12 2009 Michal Hlavinka <mhlavink at\n redhat.com> - 1.4.18-1\n\n - update to 1.4.18 (fixes CVE-2009-1581)\n\n - Thu Dec 4 2008 Michal Hlavinka <mhlavink at\n redhat.com> - 1.4.17-1\n\n - update to 1.4.17 (fixes CVE-2008-2379)\n\n - Wed Oct 1 2008 Michal Hlavinka <mhlavink at\n redhat.com> - 1.4.16-1\n\n - update to 1.4.16\n\n - resolves: #464185: CVE-2008-3663 Squirrelmail session\n hijacking\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=502137\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024096.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f28a7a38\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"squirrelmail-1.4.19-1.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:04:05", "description": "Adrian Pastor and Tim Starling discovered that the CUPS web interface incorrectly protected against cross-site request forgery (CSRF) attacks. If an authenticated user were tricked into visiting a malicious website while logged into CUPS, a remote attacker could modify the CUPS configuration and possibly steal confidential data.\n(CVE-2010-0540)\n\nIt was discovered that CUPS did not properly handle memory allocations in the texttops filter. If a user or automated system were tricked into printing a crafted text file, a remote attacker could cause a denial of service or possibly execute arbitrary code with privileges of the CUPS user (lp). (CVE-2010-0542)\n\nLuca Carettoni discovered that the CUPS web interface incorrectly handled form variables. A remote attacker who had access to the CUPS web interface could use this flaw to read a limited amount of memory from the cupsd process and possibly obtain confidential data.\n(CVE-2010-1748).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-06-22T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : cups, cupsys vulnerabilities (USN-952-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:cups", "p-cpe:/a:canonical:ubuntu_linux:cups-bsd", "p-cpe:/a:canonical:ubuntu_linux:cups-client", "p-cpe:/a:canonical:ubuntu_linux:cups-common", "p-cpe:/a:canonical:ubuntu_linux:cups-dbg", "p-cpe:/a:canonical:ubuntu_linux:cups-ppdc", "p-cpe:/a:canonical:ubuntu_linux:cupsddk", "p-cpe:/a:canonical:ubuntu_linux:cupsys", "p-cpe:/a:canonical:ubuntu_linux:cupsys-bsd", "p-cpe:/a:canonical:ubuntu_linux:cupsys-client", "p-cpe:/a:canonical:ubuntu_linux:cupsys-common", "p-cpe:/a:canonical:ubuntu_linux:cupsys-dbg", "p-cpe:/a:canonical:ubuntu_linux:libcups2", "p-cpe:/a:canonical:ubuntu_linux:libcups2-dev", "p-cpe:/a:canonical:ubuntu_linux:libcupscgi1", "p-cpe:/a:canonical:ubuntu_linux:libcupscgi1-dev", "p-cpe:/a:canonical:ubuntu_linux:libcupsdriver1", "p-cpe:/a:canonical:ubuntu_linux:libcupsdriver1-dev", "p-cpe:/a:canonical:ubuntu_linux:libcupsimage2", "p-cpe:/a:canonical:ubuntu_linux:libcupsimage2-dev", "p-cpe:/a:canonical:ubuntu_linux:libcupsmime1", "p-cpe:/a:canonical:ubuntu_linux:libcupsmime1-dev", "p-cpe:/a:canonical:ubuntu_linux:libcupsppdc1", "p-cpe:/a:canonical:ubuntu_linux:libcupsppdc1-dev", "p-cpe:/a:canonical:ubuntu_linux:libcupsys2", "p-cpe:/a:canonical:ubuntu_linux:libcupsys2-dev", "p-cpe:/a:canonical:ubuntu_linux:libcupsys2-gnutls10", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:9.04", "cpe:/o:canonical:ubuntu_linux:9.10"], "id": "UBUNTU_USN-952-1.NASL", "href": "https://www.tenable.com/plugins/nessus/47108", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-952-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47108);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_bugtraq_id(40889, 40897, 40943);\n script_xref(name:\"USN\", value:\"952-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : cups, cupsys vulnerabilities (USN-952-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Adrian Pastor and Tim Starling discovered that the CUPS web interface\nincorrectly protected against cross-site request forgery (CSRF)\nattacks. If an authenticated user were tricked into visiting a\nmalicious website while logged into CUPS, a remote attacker could\nmodify the CUPS configuration and possibly steal confidential data.\n(CVE-2010-0540)\n\nIt was discovered that CUPS did not properly handle memory allocations\nin the texttops filter. If a user or automated system were tricked\ninto printing a crafted text file, a remote attacker could cause a\ndenial of service or possibly execute arbitrary code with privileges\nof the CUPS user (lp). (CVE-2010-0542)\n\nLuca Carettoni discovered that the CUPS web interface incorrectly\nhandled form variables. A remote attacker who had access to the CUPS\nweb interface could use this flaw to read a limited amount of memory\nfrom the cupsd process and possibly obtain confidential data.\n(CVE-2010-1748).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/952-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cups-bsd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cups-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cups-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cups-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cups-ppdc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cupsddk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cupsys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cupsys-bsd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cupsys-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cupsys-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cupsys-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcups2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcups2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupscgi1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupscgi1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupsdriver1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupsdriver1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupsimage2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupsimage2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupsmime1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupsmime1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupsppdc1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupsppdc1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupsys2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupsys2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcupsys2-gnutls10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(6\\.06|8\\.04|9\\.04|9\\.10|10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 9.04 / 9.10 / 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"cupsys\", pkgver:\"1.2.2-0ubuntu0.6.06.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"cupsys-bsd\", pkgver:\"1.2.2-0ubuntu0.6.06.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"cupsys-client\", pkgver:\"1.2.2-0ubuntu0.6.06.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libcupsimage2\", pkgver:\"1.2.2-0ubuntu0.6.06.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libcupsimage2-dev\", pkgver:\"1.2.2-0ubuntu0.6.06.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libcupsys2\", pkgver:\"1.2.2-0ubuntu0.6.06.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libcupsys2-dev\", pkgver:\"1.2.2-0ubuntu0.6.06.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libcupsys2-gnutls10\", pkgver:\"1.2.2-0ubuntu0.6.06.19\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"cupsys\", pkgver:\"1.3.7-1ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"cupsys-bsd\", pkgver:\"1.3.7-1ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"cupsys-client\", pkgver:\"1.3.7-1ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"cupsys-common\", pkgver:\"1.3.7-1ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libcupsimage2\", pkgver:\"1.3.7-1ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libcupsimage2-dev\", pkgver:\"1.3.7-1ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libcupsys2\", pkgver:\"1.3.7-1ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libcupsys2-dev\", pkgver:\"1.3.7-1ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"cups\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"cups-bsd\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"cups-client\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"cups-common\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"cups-dbg\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"cupsys\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"cupsys-bsd\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"cupsys-client\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"cupsys-common\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"cupsys-dbg\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libcups2\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libcups2-dev\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libcupsimage2\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libcupsimage2-dev\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libcupsys2\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libcupsys2-dev\", pkgver:\"1.3.9-17ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"cups\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"cups-bsd\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"cups-client\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"cups-common\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"cups-dbg\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"cups-ppdc\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"cupsddk\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"cupsys\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"cupsys-bsd\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"cupsys-client\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"cupsys-common\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"cupsys-dbg\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libcups2\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libcups2-dev\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libcupscgi1\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libcupscgi1-dev\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libcupsdriver1\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libcupsdriver1-dev\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libcupsimage2\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libcupsimage2-dev\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libcupsmime1\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libcupsmime1-dev\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libcupsppdc1\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libcupsppdc1-dev\", pkgver:\"1.4.1-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cups\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cups-bsd\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cups-client\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cups-common\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cups-dbg\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cups-ppdc\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cupsddk\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cupsys\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cupsys-bsd\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cupsys-client\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cupsys-common\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cupsys-dbg\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcups2\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcups2-dev\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcupscgi1\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcupscgi1-dev\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcupsdriver1\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcupsdriver1-dev\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcupsimage2\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcupsimage2-dev\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcupsmime1\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcupsmime1-dev\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcupsppdc1\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcupsppdc1-dev\", pkgver:\"1.4.3-1ubuntu1.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-bsd / cups-client / cups-common / cups-dbg / cups-ppdc / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:04:00", "description": "New upstream release fixing several security issues: CVE-2010-0540, CVE-2010-0542, CVE-2010-1748.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-07-01T00:00:00", "type": "nessus", "title": "Fedora 11 : cups-1.4.4-4.fc11 (2010-10066)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:cups", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2010-10066.NASL", "href": "https://www.tenable.com/plugins/nessus/47206", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-10066.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47206);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_bugtraq_id(37048, 38510, 40889, 40897, 40943);\n script_xref(name:\"FEDORA\", value:\"2010-10066\");\n\n script_name(english:\"Fedora 11 : cups-1.4.4-4.fc11 (2010-10066)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New upstream release fixing several security issues: CVE-2010-0540,\nCVE-2010-0542, CVE-2010-1748.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=587746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=588805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=591983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=605397\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-June/043435.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?873e79f9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"cups-1.4.4-4.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:04:07", "description": "Updated cups packages that fix three security issues are now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems. The CUPS 'texttops' filter converts text files to PostScript.\n\nA missing memory allocation failure check flaw, leading to a NULL pointer dereference, was found in the CUPS 'texttops' filter. An attacker could create a malicious text file that would cause 'texttops' to crash or, potentially, execute arbitrary code as the 'lp' user if the file was printed. (CVE-2010-0542)\n\nA Cross-Site Request Forgery (CSRF) issue was found in the CUPS web interface. If a remote attacker could trick a user, who is logged into the CUPS web interface as an administrator, into visiting a specially crafted website, the attacker could reconfigure and disable CUPS, and gain access to print jobs and system files. (CVE-2010-0540)\n\nNote: As a result of the fix for CVE-2010-0540, cookies must now be enabled in your web browser to use the CUPS web interface.\n\nAn uninitialized memory read issue was found in the CUPS web interface. If an attacker had access to the CUPS web interface, they could use a specially crafted URL to leverage this flaw to read a limited amount of memory from the cupsd process, possibly obtaining sensitive information. (CVE-2010-1748)\n\nRed Hat would like to thank the Apple Product Security team for responsibly reporting these issues. Upstream acknowledges regenrecht as the original reporter of CVE-2010-0542; Adrian 'pagvac' Pastor of GNUCITIZEN and Tim Starling as the original reporters of CVE-2010-0540; and Luca Carettoni as the original reporter of CVE-2010-1748.\n\nUsers of cups are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the cupsd daemon will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2010-06-21T00:00:00", "type": "nessus", "title": "CentOS 3 / 4 / 5 : cups (CESA-2010:0490)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:cups", "p-cpe:/a:centos:centos:cups-devel", "p-cpe:/a:centos:centos:cups-libs", "p-cpe:/a:centos:centos:cups-lpd", "cpe:/o:centos:centos:3", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2010-0490.NASL", "href": "https://www.tenable.com/plugins/nessus/47102", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0490 and \n# CentOS Errata and Security Advisory 2010:0490 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47102);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_bugtraq_id(40889, 40897);\n script_xref(name:\"RHSA\", value:\"2010:0490\");\n\n script_name(english:\"CentOS 3 / 4 / 5 : cups (CESA-2010:0490)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated cups packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX operating systems. The CUPS 'texttops' filter converts\ntext files to PostScript.\n\nA missing memory allocation failure check flaw, leading to a NULL\npointer dereference, was found in the CUPS 'texttops' filter. An\nattacker could create a malicious text file that would cause\n'texttops' to crash or, potentially, execute arbitrary code as the\n'lp' user if the file was printed. (CVE-2010-0542)\n\nA Cross-Site Request Forgery (CSRF) issue was found in the CUPS web\ninterface. If a remote attacker could trick a user, who is logged into\nthe CUPS web interface as an administrator, into visiting a specially\ncrafted website, the attacker could reconfigure and disable CUPS, and\ngain access to print jobs and system files. (CVE-2010-0540)\n\nNote: As a result of the fix for CVE-2010-0540, cookies must now be\nenabled in your web browser to use the CUPS web interface.\n\nAn uninitialized memory read issue was found in the CUPS web\ninterface. If an attacker had access to the CUPS web interface, they\ncould use a specially crafted URL to leverage this flaw to read a\nlimited amount of memory from the cupsd process, possibly obtaining\nsensitive information. (CVE-2010-1748)\n\nRed Hat would like to thank the Apple Product Security team for\nresponsibly reporting these issues. Upstream acknowledges regenrecht\nas the original reporter of CVE-2010-0542; Adrian 'pagvac' Pastor of\nGNUCITIZEN and Tim Starling as the original reporters of\nCVE-2010-0540; and Luca Carettoni as the original reporter of\nCVE-2010-1748.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthis update, the cupsd daemon will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016914.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a02201d3\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016915.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f8b7ca93\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-July/016811.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93fd5b0d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-July/016812.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1986c961\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-June/016735.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6a4df36\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-June/016736.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9eff0369\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cups-lpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"cups-1.1.17-13.3.65\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"cups-1.1.17-13.3.65\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"cups-devel-1.1.17-13.3.65\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"cups-devel-1.1.17-13.3.65\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"cups-libs-1.1.17-13.3.65\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"cups-libs-1.1.17-13.3.65\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"cups-1.1.22-0.rc1.9.32.el4.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"cups-1.1.22-0.rc1.9.32.el4.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"cups-devel-1.1.22-0.rc1.9.32.el4.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"cups-devel-1.1.22-0.rc1.9.32.el4.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"cups-libs-1.1.22-0.rc1.9.32.el4.6\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"cups-libs-1.1.22-0.rc1.9.32.el4.6\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"cups-1.3.7-18.el5_5.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"cups-devel-1.3.7-18.el5_5.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"cups-libs-1.3.7-18.el5_5.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"cups-lpd-1.3.7-18.el5_5.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-devel / cups-libs / cups-lpd\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:54:23", "description": "From Red Hat Security Advisory 2010:0490 :\n\nUpdated cups packages that fix three security issues are now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems. The CUPS 'texttops' filter converts text files to PostScript.\n\nA missing memory allocation failure check flaw, leading to a NULL pointer dereference, was found in the CUPS 'texttops' filter. An attacker could create a malicious text file that would cause 'texttops' to crash or, potentially, execute arbitrary code as the 'lp' user if the file was printed. (CVE-2010-0542)\n\nA Cross-Site Request Forgery (CSRF) issue was found in the CUPS web interface. If a remote attacker could trick a user, who is logged into the CUPS web interface as an administrator, into visiting a specially crafted website, the attacker could reconfigure and disable CUPS, and gain access to print jobs and system files. (CVE-2010-0540)\n\nNote: As a result of the fix for CVE-2010-0540, cookies must now be enabled in your web browser to use the CUPS web interface.\n\nAn uninitialized memory read issue was found in the CUPS web interface. If an attacker had access to the CUPS web interface, they could use a specially crafted URL to leverage this flaw to read a limited amount of memory from the cupsd process, possibly obtaining sensitive information. (CVE-2010-1748)\n\nRed Hat would like to thank the Apple Product Security team for responsibly reporting these issues. Upstream acknowledges regenrecht as the original reporter of CVE-2010-0542; Adrian 'pagvac' Pastor of GNUCITIZEN and Tim Starling as the original reporters of CVE-2010-0540; and Luca Carettoni as the original reporter of CVE-2010-1748.\n\nUsers of cups are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the cupsd daemon will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 / 4 / 5 : cups (ELSA-2010-0490)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:cups", "p-cpe:/a:oracle:linux:cups-devel", "p-cpe:/a:oracle:linux:cups-libs", "p-cpe:/a:oracle:linux:cups-lpd", "cpe:/o:oracle:linux:3", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2010-0490.NASL", "href": "https://www.tenable.com/plugins/nessus/68052", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0490 and \n# Oracle Linux Security Advisory ELSA-2010-0490 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68052);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_bugtraq_id(40889, 40897);\n script_xref(name:\"RHSA\", value:\"2010:0490\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : cups (ELSA-2010-0490)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0490 :\n\nUpdated cups packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX operating systems. The CUPS 'texttops' filter converts\ntext files to PostScript.\n\nA missing memory allocation failure check flaw, leading to a NULL\npointer dereference, was found in the CUPS 'texttops' filter. An\nattacker could create a malicious text file that would cause\n'texttops' to crash or, potentially, execute arbitrary code as the\n'lp' user if the file was printed. (CVE-2010-0542)\n\nA Cross-Site Request Forgery (CSRF) issue was found in the CUPS web\ninterface. If a remote attacker could trick a user, who is logged into\nthe CUPS web interface as an administrator, into visiting a specially\ncrafted website, the attacker could reconfigure and disable CUPS, and\ngain access to print jobs and system files. (CVE-2010-0540)\n\nNote: As a result of the fix for CVE-2010-0540, cookies must now be\nenabled in your web browser to use the CUPS web interface.\n\nAn uninitialized memory read issue was found in the CUPS web\ninterface. If an attacker had access to the CUPS web interface, they\ncould use a specially crafted URL to leverage this flaw to read a\nlimited amount of memory from the cupsd process, possibly obtaining\nsensitive information. (CVE-2010-1748)\n\nRed Hat would like to thank the Apple Product Security team for\nresponsibly reporting these issues. Upstream acknowledges regenrecht\nas the original reporter of CVE-2010-0542; Adrian 'pagvac' Pastor of\nGNUCITIZEN and Tim Starling as the original reporters of\nCVE-2010-0540; and Luca Carettoni as the original reporter of\nCVE-2010-1748.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthis update, the cupsd daemon will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-June/001503.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-June/001504.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-June/001505.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups-lpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"cups-1.1.17-13.3.65\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"cups-1.1.17-13.3.65\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"cups-devel-1.1.17-13.3.65\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"cups-devel-1.1.17-13.3.65\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"cups-libs-1.1.17-13.3.65\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"cups-libs-1.1.17-13.3.65\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"cups-1.1.22-0.rc1.9.32.el4_8.6\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"cups-devel-1.1.22-0.rc1.9.32.el4_8.6\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"cups-libs-1.1.22-0.rc1.9.32.el4_8.6\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"cups-1.3.7-18.el5_5.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"cups-devel-1.3.7-18.el5_5.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"cups-libs-1.3.7-18.el5_5.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"cups-lpd-1.3.7-18.el5_5.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-devel / cups-libs / cups-lpd\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:03:38", "description": "New upstream release fixing several security issues: CVE-2010-0540, CVE-2010-0542, CVE-2010-1748.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-07-27T00:00:00", "type": "nessus", "title": "Fedora 12 : cups-1.4.4-5.fc12 (2010-10101)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:cups", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-10101.NASL", "href": "https://www.tenable.com/plugins/nessus/47835", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-10101.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47835);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_bugtraq_id(37048, 38510, 40889, 40897, 40943);\n script_xref(name:\"FEDORA\", value:\"2010-10101\");\n\n script_name(english:\"Fedora 12 : cups-1.4.4-5.fc12 (2010-10101)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New upstream release fixing several security issues: CVE-2010-0540,\nCVE-2010-0542, CVE-2010-1748.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=587746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=588805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=591983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=605397\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044567.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cb9b73de\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"cups-1.4.4-5.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:00:49", "description": "New cups packages are available for Slackware 13.1 and -current to fix security issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-05-28T00:00:00", "type": "nessus", "title": "Slackware 13.1 / current : cups (SSA:2010-176-05)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:cups", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:13.1"], "id": "SLACKWARE_SSA_2010-176-05.NASL", "href": "https://www.tenable.com/plugins/nessus/54882", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2010-176-05. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54882);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_bugtraq_id(40889, 40897, 40943);\n script_xref(name:\"SSA\", value:\"2010-176-05\");\n\n script_name(english:\"Slackware 13.1 / current : cups (SSA:2010-176-05)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New cups packages are available for Slackware 13.1 and -current to\nfix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.402474\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?719d51c3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.1\", pkgname:\"cups\", pkgver:\"1.4.4\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"cups\", pkgver:\"1.4.4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"cups\", pkgver:\"1.4.4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"cups\", pkgver:\"1.4.4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:04:02", "description": "New upstream release fixing several security issues: CVE-2010-0540, CVE-2010-0542, CVE-2010-1748.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-07-02T00:00:00", "type": "nessus", "title": "Fedora 13 : cups-1.4.4-5.fc13 (2010-10388)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:cups", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-10388.NASL", "href": "https://www.tenable.com/plugins/nessus/47586", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-10388.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47586);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_bugtraq_id(38510, 40889, 40897, 40943);\n script_xref(name:\"FEDORA\", value:\"2010-10388\");\n\n script_name(english:\"Fedora 13 : cups-1.4.4-5.fc13 (2010-10388)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New upstream release fixing several security issues: CVE-2010-0540,\nCVE-2010-0542, CVE-2010-1748.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=587746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=588805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=591983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=605397\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/043667.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ec4264c1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"cups-1.4.4-5.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:39", "description": "A missing memory allocation failure check flaw, leading to a NULL pointer dereference, was found in the CUPS 'texttops' filter. An attacker could create a malicious text file that would cause 'texttops' to crash or, potentially, execute arbitrary code as the 'lp' user if the file was printed. (CVE-2010-0542)\n\nA Cross-Site Request Forgery (CSRF) issue was found in the CUPS web interface. If a remote attacker could trick a user, who is logged into the CUPS web interface as an administrator, into visiting a specially crafted website, the attacker could reconfigure and disable CUPS, and gain access to print jobs and system files. (CVE-2010-0540)\n\nNote: As a result of the fix for CVE-2010-0540, cookies must now be enabled in your web browser to use the CUPS web interface.\n\nAn uninitialized memory read issue was found in the CUPS web interface. If an attacker had access to the CUPS web interface, they could use a specially crafted URL to leverage this flaw to read a limited amount of memory from the cupsd process, possibly obtaining sensitive information. (CVE-2010-1748)\n\nAfter installing this update, the cupsd daemon will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : cups on SL3.x, SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20100617_CUPS_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60806", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60806);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n\n script_name(english:\"Scientific Linux Security Update : cups on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A missing memory allocation failure check flaw, leading to a NULL\npointer dereference, was found in the CUPS 'texttops' filter. An\nattacker could create a malicious text file that would cause\n'texttops' to crash or, potentially, execute arbitrary code as the\n'lp' user if the file was printed. (CVE-2010-0542)\n\nA Cross-Site Request Forgery (CSRF) issue was found in the CUPS web\ninterface. If a remote attacker could trick a user, who is logged into\nthe CUPS web interface as an administrator, into visiting a specially\ncrafted website, the attacker could reconfigure and disable CUPS, and\ngain access to print jobs and system files. (CVE-2010-0540)\n\nNote: As a result of the fix for CVE-2010-0540, cookies must now be\nenabled in your web browser to use the CUPS web interface.\n\nAn uninitialized memory read issue was found in the CUPS web\ninterface. If an attacker had access to the CUPS web interface, they\ncould use a specially crafted URL to leverage this flaw to read a\nlimited amount of memory from the cupsd process, possibly obtaining\nsensitive information. (CVE-2010-1748)\n\nAfter installing this update, the cupsd daemon will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1006&L=scientific-linux-errata&T=0&P=1894\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b439d36e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"cups-1.1.17-13.3.65\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"cups-devel-1.1.17-13.3.65\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"cups-libs-1.1.17-13.3.65\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"cups-1.1.22-0.rc1.9.32.el4_8.6\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"cups-devel-1.1.22-0.rc1.9.32.el4_8.6\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"cups-libs-1.1.22-0.rc1.9.32.el4_8.6\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"cups-1.3.7-18.el5_5.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"cups-devel-1.3.7-18.el5_5.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"cups-libs-1.3.7-18.el5_5.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"cups-lpd-1.3.7-18.el5_5.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:04:02", "description": "Updated cups packages that fix three security issues are now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems. The CUPS 'texttops' filter converts text files to PostScript.\n\nA missing memory allocation failure check flaw, leading to a NULL pointer dereference, was found in the CUPS 'texttops' filter. An attacker could create a malicious text file that would cause 'texttops' to crash or, potentially, execute arbitrary code as the 'lp' user if the file was printed. (CVE-2010-0542)\n\nA Cross-Site Request Forgery (CSRF) issue was found in the CUPS web interface. If a remote attacker could trick a user, who is logged into the CUPS web interface as an administrator, into visiting a specially crafted website, the attacker could reconfigure and disable CUPS, and gain access to print jobs and system files. (CVE-2010-0540)\n\nNote: As a result of the fix for CVE-2010-0540, cookies must now be enabled in your web browser to use the CUPS web interface.\n\nAn uninitialized memory read issue was found in the CUPS web interface. If an attacker had access to the CUPS web interface, they could use a specially crafted URL to leverage this flaw to read a limited amount of memory from the cupsd process, possibly obtaining sensitive information. (CVE-2010-1748)\n\nRed Hat would like to thank the Apple Product Security team for responsibly reporting these issues. Upstream acknowledges regenrecht as the original reporter of CVE-2010-0542; Adrian 'pagvac' Pastor of GNUCITIZEN and Tim Starling as the original reporters of CVE-2010-0540; and Luca Carettoni as the original reporter of CVE-2010-1748.\n\nUsers of cups are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the cupsd daemon will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2010-06-18T00:00:00", "type": "nessus", "title": "RHEL 3 / 4 / 5 : cups (RHSA-2010:0490)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:cups", "p-cpe:/a:redhat:enterprise_linux:cups-devel", "p-cpe:/a:redhat:enterprise_linux:cups-libs", "p-cpe:/a:redhat:enterprise_linux:cups-lpd", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2010-0490.NASL", "href": "https://www.tenable.com/plugins/nessus/47044", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0490. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47044);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_bugtraq_id(40889, 40897);\n script_xref(name:\"RHSA\", value:\"2010:0490\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : cups (RHSA-2010:0490)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated cups packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX operating systems. The CUPS 'texttops' filter converts\ntext files to PostScript.\n\nA missing memory allocation failure check flaw, leading to a NULL\npointer dereference, was found in the CUPS 'texttops' filter. An\nattacker could create a malicious text file that would cause\n'texttops' to crash or, potentially, execute arbitrary code as the\n'lp' user if the file was printed. (CVE-2010-0542)\n\nA Cross-Site Request Forgery (CSRF) issue was found in the CUPS web\ninterface. If a remote attacker could trick a user, who is logged into\nthe CUPS web interface as an administrator, into visiting a specially\ncrafted website, the attacker could reconfigure and disable CUPS, and\ngain access to print jobs and system files. (CVE-2010-0540)\n\nNote: As a result of the fix for CVE-2010-0540, cookies must now be\nenabled in your web browser to use the CUPS web interface.\n\nAn uninitialized memory read issue was found in the CUPS web\ninterface. If an attacker had access to the CUPS web interface, they\ncould use a specially crafted URL to leverage this flaw to read a\nlimited amount of memory from the cupsd process, possibly obtaining\nsensitive information. (CVE-2010-1748)\n\nRed Hat would like to thank the Apple Product Security team for\nresponsibly reporting these issues. Upstream acknowledges regenrecht\nas the original reporter of CVE-2010-0542; Adrian 'pagvac' Pastor of\nGNUCITIZEN and Tim Starling as the original reporters of\nCVE-2010-0540; and Luca Carettoni as the original reporter of\nCVE-2010-1748.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthis update, the cupsd daemon will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-0540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-0542\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0490\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-lpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0490\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"cups-1.1.17-13.3.65\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"cups-devel-1.1.17-13.3.65\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"cups-libs-1.1.17-13.3.65\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"cups-1.1.22-0.rc1.9.32.el4_8.6\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"cups-devel-1.1.22-0.rc1.9.32.el4_8.6\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"cups-libs-1.1.22-0.rc1.9.32.el4_8.6\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"cups-1.3.7-18.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"cups-1.3.7-18.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"cups-1.3.7-18.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"cups-devel-1.3.7-18.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"cups-libs-1.3.7-18.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"cups-lpd-1.3.7-18.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"cups-lpd-1.3.7-18.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"cups-lpd-1.3.7-18.el5_5.4\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-devel / cups-libs / cups-lpd\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:19:37", "description": "According to its banner, the version of CUPS installed on the remote host is earlier than 1.4.4. Such versions are affected by several vulnerabilities :\n\n - The patch for STR #3200 / CVE-2009-3553 was not complete. A remote client can cause a denial of service by causing the CUPS server to reference an already freed resource. (STR #3490) (CVE-2010-0302)\n\n - The CUPS daemon may be vulnerable to certain cross-site request forgery (CSRF) attacks, e.g., malicious IFRAME attacks. (STR #3498) (CVE-2010-0540)\n\n - An unprivileged process may be able to cause the CUPS server to overwrite arbitrary files as the root user.\n (STR #3510) (CVE-2010-2431)\n\n - The CUPS daemon is vulnerable to a heap corruption attack as the 'textops' filter does not verify the results of memory allocations. It is possible this may lead to arbitrary code execution. (STR #3516) (CVE-2010-0542)\n\n - The CUPS daemon is vulnerable to a denial of service attack if compiled without HAVE_GSSAPI. (STR #3518) (CVE-2010-2432)\n\n - The CUPS daemon is vulnerable to an information disclosure attack as an attacker can view portions of uninitialized memory by a specially crafted URL.\n (STR #3577) (CVE-2010-1748)", "cvss3": {"score": null, "vector": null}, "published": "2010-07-08T00:00:00", "type": "nessus", "title": "CUPS < 1.4.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3553", "CVE-2010-0302", "CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748", "CVE-2010-2431", "CVE-2010-2432"], "modified": "2018-07-06T00:00:00", "cpe": ["cpe:/a:apple:cups"], "id": "CUPS_1_4_4.NASL", "href": "https://www.tenable.com/plugins/nessus/47683", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47683);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/07/06 11:26:07\");\n\n script_cve_id(\n \"CVE-2010-0302\",\n \"CVE-2010-0540\",\n \"CVE-2010-0542\",\n \"CVE-2010-1748\",\n \"CVE-2010-2431\",\n \"CVE-2010-2432\"\n );\n script_bugtraq_id(38510, 40889, 40897, 40943, 41126, 41131);\n script_xref(name:\"Secunia\", value:\"40165\");\n\n script_name(english:\"CUPS < 1.4.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks CUPS server version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote printer service is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of CUPS installed on the remote\nhost is earlier than 1.4.4. Such versions are affected by several\nvulnerabilities :\n\n - The patch for STR #3200 / CVE-2009-3553 was not\n complete. A remote client can cause a denial of service\n by causing the CUPS server to reference an already\n freed resource. (STR #3490) (CVE-2010-0302)\n\n - The CUPS daemon may be vulnerable to certain cross-site\n request forgery (CSRF) attacks, e.g., malicious IFRAME\n attacks. (STR #3498) (CVE-2010-0540)\n\n - An unprivileged process may be able to cause the CUPS\n server to overwrite arbitrary files as the root user.\n (STR #3510) (CVE-2010-2431)\n\n - The CUPS daemon is vulnerable to a heap corruption\n attack as the 'textops' filter does not verify the\n results of memory allocations. It is possible this\n may lead to arbitrary code execution. (STR #3516)\n (CVE-2010-0542)\n\n - The CUPS daemon is vulnerable to a denial of service\n attack if compiled without HAVE_GSSAPI. (STR #3518)\n (CVE-2010-2432)\n\n - The CUPS daemon is vulnerable to an information\n disclosure attack as an attacker can view portions of\n uninitialized memory by a specially crafted URL.\n (STR #3577) (CVE-2010-1748)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.cups.org/str.php?L3490\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.cups.org/str.php?L3498\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.cups.org/str.php?L3510\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.cups.org/str.php?L3516\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.cups.org/str.php?L3518\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.cups.org/str.php?L3577\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.cups.org/articles.php?L596\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to CUPS version 1.4.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/08\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:cups\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"http_version.nasl\", \"cups_1_3_5.nasl\");\n script_require_keys(\"www/cups\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 631);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:631, embedded:TRUE);\nget_kb_item_or_exit(\"www/\"+port+\"/cups/running\");\n\nversion = get_kb_item_or_exit(\"cups/\"+port+\"/version\");\nsource = get_kb_item_or_exit(\"cups/\"+port+\"/source\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nif (\n version =~ \"^1\\.([0-3]|4\\.[0-3])($|[^0-9])\" ||\n version =~ \"^1\\.4(rc|b)\"\n)\n{\n set_kb_item(name:'www/'+port+'/XSRF', value:TRUE);\n if (report_verbosity > 0)\n {\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.4.4\\n';\n\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse if (version =~ \"^(1|1\\.4)($|[^0-9.])\") audit(AUDIT_VER_NOT_GRANULAR, \"CUPS\", port, version);\nelse audit(AUDIT_LISTEN_NOT_VULN, \"CUPS\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:02:19", "description": "Multiple vulnerabilities were discovered and corrected in cups :\n\nCross-site request forgery (CSRF) vulnerability in the web interface in CUPS, allows remote attackers to hijack the authentication of administrators for requests that change settings (CVE-2010-0540).\n\nThe _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file (CVE-2010-0542).\n\nThe web interface in CUPS, reads uninitialized memory during handling of form variables, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via unspecified vectors (CVE-2010-1748).\n\nThe cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file (CVE-2010-2431).\n\nipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request (CVE-2010-2941).\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&products_id=4 90\n\nThe updated packages have been patched to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-11-16T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : cups (MDVSA-2010:232)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748", "CVE-2010-2431", "CVE-2010-2941"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:cups", "p-cpe:/a:mandriva:linux:cups-common", "p-cpe:/a:mandriva:linux:cups-serial", "p-cpe:/a:mandriva:linux:lib64cups2", "p-cpe:/a:mandriva:linux:lib64cups2-devel", "p-cpe:/a:mandriva:linux:libcups2", "p-cpe:/a:mandriva:linux:libcups2-devel", "p-cpe:/a:mandriva:linux:php-cups", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2010.0"], "id": "MANDRIVA_MDVSA-2010-232.NASL", "href": "https://www.tenable.com/plugins/nessus/50606", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:232. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50606);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-2431\", \"CVE-2010-2941\");\n script_bugtraq_id(40889, 40897, 40943, 41131, 44530);\n script_xref(name:\"MDVSA\", value:\"2010:232\");\n\n script_name(english:\"Mandriva Linux Security Advisory : cups (MDVSA-2010:232)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered and corrected in cups :\n\nCross-site request forgery (CSRF) vulnerability in the web interface\nin CUPS, allows remote attackers to hijack the authentication of\nadministrators for requests that change settings (CVE-2010-0540).\n\nThe _WriteProlog function in texttops.c in texttops in the Text Filter\nsubsystem in CUPS before 1.4.4 does not check the return values of\ncertain calloc calls, which allows remote attackers to cause a denial\nof service (NULL pointer dereference or heap memory corruption) or\npossibly execute arbitrary code via a crafted file (CVE-2010-0542).\n\nThe web interface in CUPS, reads uninitialized memory during handling\nof form variables, which allows context-dependent attackers to obtain\nsensitive information from cupsd process memory via unspecified\nvectors (CVE-2010-1748).\n\nThe cupsFileOpen function in CUPS before 1.4.4 allows local users,\nwith lp group membership, to overwrite arbitrary files via a symlink\nattack on the (1) /var/cache/cups/remote.cache or (2)\n/var/cache/cups/job.cache file (CVE-2010-2431).\n\nipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate\nmemory for attribute values with invalid string data types, which\nallows remote attackers to cause a denial of service (use-after-free\nand application crash) or possibly execute arbitrary code via a\ncrafted IPP request (CVE-2010-2941).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&products_id=4\n90\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups-serial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cups2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cups2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcups2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcups2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"cups-1.3.10-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"cups-common-1.3.10-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"cups-serial-1.3.10-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64cups2-1.3.10-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64cups2-devel-1.3.10-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libcups2-1.3.10-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libcups2-devel-1.3.10-0.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-cups-1.3.10-0.4mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"cups-1.4.1-12.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"cups-common-1.4.1-12.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"cups-serial-1.4.1-12.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64cups2-1.4.1-12.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64cups2-devel-1.4.1-12.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libcups2-1.4.1-12.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libcups2-devel-1.4.1-12.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-cups-1.4.1-12.2mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:58:08", "description": "The remote host is affected by the vulnerability described in GLSA-201207-10 (CUPS: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in CUPS. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker may be able to execute arbitrary code using specially crafted streams, IPP requests or files, or cause a Denial of Service (daemon crash or hang). A local attacker may be able to gain escalated privileges or overwrite arbitrary files. Furthermore, a remote attacker may be able to obtain sensitive information from the CUPS process or hijack a CUPS administrator authentication request.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2012-07-10T00:00:00", "type": "nessus", "title": "GLSA-201207-10 : CUPS: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3553", "CVE-2010-0302", "CVE-2010-0393", "CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748", "CVE-2010-2431", "CVE-2010-2432", "CVE-2010-2941", "CVE-2011-3170"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:cups", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201207-10.NASL", "href": "https://www.tenable.com/plugins/nessus/59902", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201207-10.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59902);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-3553\", \"CVE-2010-0302\", \"CVE-2010-0393\", \"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-2431\", \"CVE-2010-2432\", \"CVE-2010-2941\", \"CVE-2011-3170\");\n script_bugtraq_id(37048, 38510, 38524, 40889, 40897, 40943, 41126, 41131, 44530, 49323);\n script_xref(name:\"GLSA\", value:\"201207-10\");\n\n script_name(english:\"GLSA-201207-10 : CUPS: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201207-10\n(CUPS: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in CUPS. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker may be able to execute arbitrary code using specially\n crafted streams, IPP requests or files, or cause a Denial of Service\n (daemon crash or hang). A local attacker may be able to gain escalated\n privileges or overwrite arbitrary files. Furthermore, a remote attacker\n may be able to obtain sensitive information from the CUPS process or\n hijack a CUPS administrator authentication request.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201207-10\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All CUPS users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-print/cups-1.4.8-r1'\n NOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since September 03, 2011. It is likely that your system is\n already no longer affected by this issue.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-print/cups\", unaffected:make_list(\"ge 1.4.8-r1\"), vulnerable:make_list(\"lt 1.4.8-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"CUPS\");\n}\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:55:52", "description": "An updated Adobe Flash Player package that fixes a security issue is now available for Red Hat Enterprise Linux 3 and 4 Extras.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.\n\nThis update fixes a vulnerability in Adobe Flash Player. This vulnerability is summarized on the Adobe Security Advisory APSB10-06 page listed in the References section. If a victim loaded a web page containing specially crafted SWF content, it could cause Flash Player to perform unauthorized cross-domain requests, leading to the disclosure of sensitive data. (CVE-2010-0186)\n\nAll users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 9.0.262.0.", "cvss3": {"score": null, "vector": null}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 3 / 4 : flash-plugin (RHSA-2010:0103)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:flash-plugin", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8"], "id": "REDHAT-RHSA-2010-0103.NASL", "href": "https://www.tenable.com/plugins/nessus/63918", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0103. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63918);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0186\");\n script_bugtraq_id(38198);\n script_xref(name:\"RHSA\", value:\"2010:0103\");\n\n script_name(english:\"RHEL 3 / 4 : flash-plugin (RHSA-2010:0103)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated Adobe Flash Player package that fixes a security issue is\nnow available for Red Hat Enterprise Linux 3 and 4 Extras.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe\nFlash Player web browser plug-in.\n\nThis update fixes a vulnerability in Adobe Flash Player. This\nvulnerability is summarized on the Adobe Security Advisory APSB10-06\npage listed in the References section. If a victim loaded a web page\ncontaining specially crafted SWF content, it could cause Flash Player\nto perform unauthorized cross-domain requests, leading to the\ndisclosure of sensitive data. (CVE-2010-0186)\n\nAll users of Adobe Flash Player should install this updated package,\nwhich upgrades Flash Player to version 9.0.262.0.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-0186.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.adobe.com/support/security/bulletins/apsb10-06.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2010-0103.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-plugin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:flash-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"flash-plugin-9.0.262.0-1.el3.with.oss\")) flag++;\n\nif (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"flash-plugin-9.0.262.0-1.el4\")) flag++;\n\nif (rpm_check(release:\"RHEL4\", sp:\"8\", cpu:\"i386\", reference:\"flash-plugin-9.0.262.0-1.el4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:03:53", "description": "This update adds the upstream patch to avoid a potential denial of service in the KDC in versions 1.7 and later (CVE-2010-0283). It obsoletes a previous pending update to version 1.7.1, which incorporates a fix to avoid accidentally tripping account lockout logic on AD servers when the user types in the wrong password.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-07-01T00:00:00", "type": "nessus", "title": "Fedora 12 : krb5-1.7.1-2.fc12 (2010-1722)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0283"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:krb5", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-1722.NASL", "href": "https://www.tenable.com/plugins/nessus/47267", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-1722.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47267);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-0283\");\n script_bugtraq_id(38260);\n script_xref(name:\"FEDORA\", value:\"2010-1722\");\n\n script_name(english:\"Fedora 12 : krb5-1.7.1-2.fc12 (2010-1722)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update adds the upstream patch to avoid a potential denial of\nservice in the KDC in versions 1.7 and later (CVE-2010-0283). It\nobsoletes a previous pending update to version 1.7.1, which\nincorporates a fix to avoid accidentally tripping account lockout\nlogic on AD servers when the user types in the wrong password.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=556680\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-February/035222.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e119e3ac\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"krb5-1.7.1-2.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T13:05:13", "description": "Invalid requests by unauthenticated attackers could crash the kerberos server (CVE-2010-0283).", "cvss3": {"score": null, "vector": null}, "published": "2010-02-19T00:00:00", "type": "nessus", "title": "openSUSE Security Update : krb5 (krb5-2002)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0283"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:krb5", "p-cpe:/a:novell:opensuse:krb5-32bit", "p-cpe:/a:novell:opensuse:krb5-apps-clients", "p-cpe:/a:novell:opensuse:krb5-apps-servers", "p-cpe:/a:novell:opensuse:krb5-client", "p-cpe:/a:novell:opensuse:krb5-devel", "p-cpe:/a:novell:opensuse:krb5-devel-32bit", "p-cpe:/a:novell:opensuse:krb5-plugin-kdb-ldap", "p-cpe:/a:novell:opensuse:krb5-plugin-preauth-pkinit", "p-cpe:/a:novell:opensuse:krb5-server", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_KRB5-100217.NASL", "href": "https://www.tenable.com/plugins/nessus/44668", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update krb5-2002.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44668);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0283\");\n\n script_name(english:\"openSUSE Security Update : krb5 (krb5-2002)\");\n script_summary(english:\"Check for the krb5-2002 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Invalid requests by unauthenticated attackers could crash the kerberos\nserver (CVE-2010-0283).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=571781\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-apps-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-apps-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-kdb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-1.7-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-apps-clients-1.7-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-apps-servers-1.7-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-client-1.7-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-devel-1.7-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-plugin-kdb-ldap-1.7-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-plugin-preauth-pkinit-1.7-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-server-1.7-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"krb5-32bit-1.7-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.7-6.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5 / krb5-32bit / krb5-apps-clients / krb5-apps-servers / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-04-12T16:14:35", "description": "The installed version of SquirrelMail fails to properly sanitize input to the '$username' variable in the 'map_yp_alias' function in 'functions/imap_general.php'. An unauthenticated, remote attacker can exploit this to execute arbitrary code subject to the privileges of the affected web-server. \n\nNote that there are also reported to be several cross-site scripting vulnerabilities as well as a session fixation vulnerability, though Nessus has not tested for these.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2009-05-15T00:00:00", "type": "nessus", "title": "SquirrelMail map_yp_alias Username Mapping Alias Arbitrary Code Execution", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:squirrelmail:squirrelmail"], "id": "SQUIRRELMAIL_MAP_YP_ALIAS_CODE_EXEC.NASL", "href": "https://www.tenable.com/plugins/nessus/38794", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38794);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2009-1579\");\n script_bugtraq_id(34916);\n\n script_name(english:\"SquirrelMail map_yp_alias Username Mapping Alias Arbitrary Code Execution\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote webmail application allows execution of arbitrary code.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of SquirrelMail fails to properly sanitize\ninput to the '$username' variable in the 'map_yp_alias' function in\n'functions/imap_general.php'. An unauthenticated, remote attacker can\nexploit this to execute arbitrary code subject to the privileges of\nthe affected web-server. \n\nNote that there are also reported to be several cross-site scripting\nvulnerabilities as well as a session fixation vulnerability, though\nNessus has not tested for these.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.squirrelmail.org/security/issue/2009-05-10\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to SquirrelMail 1.4.19 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:squirrelmail:squirrelmail\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"squirrelmail_detect.nasl\");\n script_require_keys(\"www/squirrelmail\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"data_protection.inc\");\n\n\nport = get_http_port(default:80, embedded: 0);\nif (!can_host_php(port:port)) exit(0);\n\ncmd = \"id\";\nexploit = string(';uname -a;echo __nessus;', cmd, ';echo __nessus2');\n\n# Test an install\ninstall = get_kb_item(string(\"www/\", port, \"/squirrelmail\"));\nif (isnull(install)) exit(0);\n\nmatches = eregmatch(string:install, pattern:\"^(.+) under (/.*)$\");\nif (!isnull(matches))\n{\n postdata=string(\"login_username=\", exploit, \"&secretkey=&js_autodetect_results=1&just_logged_in=1\");\n url = matches[2]+ \"/src/redirect.php\";\n\n req = http_mk_post_req(\n port : port,\n version : 11, \n item : url, \n add_headers : make_array(\"Content-Type\", \"application/x-www-form-urlencoded\"),\n data : postdata\n );\n res = http_send_recv_req(port:port, req:req);\n if (isnull(res)) exit(0);\n\n if (\n (\n \"Error connecting to IMAP server:\" >< res[2] &&\n \"__nessus\" >< res[2] &&\n egrep(pattern:\"uid=[0-9]+.*gid=[0-9]+.*\", string:res[2]) \n )\n )\n {\n if (report_verbosity > 0)\n {\n req_str = http_mk_buffer_from_req(req:req);\n report = string(\n \"\\n\",\n \"Nessus was able to execute the 'id' command on the remote host \\n\",\n \"host using the following request :\\n\",\n \"\\n\",\n crap(data:\"-\", length:30), \" snip \", crap(data:\"-\", length:30), \"\\n\",\n req_str, \"\\n\",\n crap(data:\"-\", length:30), \" snip \", crap(data:\"-\", length:30), \"\\n\"\n );\n if (report_verbosity > 1)\n {\n output = strstr(res[2], \"__nessus\") - \"__nessus\";\n output = output - strstr(output, \"__nessus2\");\n report = string(\n report,\n \"\\n\",\n \"It produced the following output :\\n\",\n \"\\n\",\n crap(data:\"-\", length:30), \" snip \", crap(data:\"-\", length:30), \"\\n\",\n data_protection::sanitize_uid(output:output), \"\\n\",\n crap(data:\"-\", length:30), \" snip \", crap(data:\"-\", length:30), \"\\n\"\n );\n }\n security_warning(port:port, extra:report);\n }\n else security_warning(port:port);\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:03:41", "description": "Kevin Finisterre discovered that several integer overflows in the TIFF library could lead to the execution of arbitrary code.", "cvss3": {"score": null, "vector": null}, "published": "2010-08-04T00:00:00", "type": "nessus", "title": "Debian DSA-2084-1 : tiff - integer overflows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1411"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tiff", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2084.NASL", "href": "https://www.tenable.com/plugins/nessus/48241", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2084. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48241);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-1411\");\n script_bugtraq_id(40823);\n script_xref(name:\"DSA\", value:\"2084\");\n\n script_name(english:\"Debian DSA-2084-1 : tiff - integer overflows\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Kevin Finisterre discovered that several integer overflows in the TIFF\nlibrary could lead to the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2084\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tiff packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.8.2-11.3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libtiff-doc\", reference:\"3.8.2-11.3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libtiff-opengl\", reference:\"3.8.2-11.3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libtiff-tools\", reference:\"3.8.2-11.3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libtiff4\", reference:\"3.8.2-11.3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libtiff4-dev\", reference:\"3.8.2-11.3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libtiffxx0c2\", reference:\"3.8.2-11.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:04:06", "description": "This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)", "cvss3": {"score": null, "vector": null}, "published": "2010-06-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1411"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libtiff-devel", "p-cpe:/a:novell:opensuse:libtiff-devel-32bit", "p-cpe:/a:novell:opensuse:libtiff3", "p-cpe:/a:novell:opensuse:libtiff3-32bit", "p-cpe:/a:novell:opensuse:tiff", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_LIBTIFF-DEVEL-100524.NASL", "href": "https://www.tenable.com/plugins/nessus/47020", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libtiff-devel-2477.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47020);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1411\");\n\n script_name(english:\"openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)\");\n script_summary(english:\"Check for the libtiff-devel-2477 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libtiff fixes several integer overflows that could lead\nto a corrupted heap memory. This bug can be exploited remotely with a\ncrafted TIFF file to cause an application crash or probably to execute\narbitrary code. (CVE-2010-1411)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=605837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-06/msg00003.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libtiff-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libtiff-devel-3.8.2-133.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libtiff3-3.8.2-133.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"tiff-3.8.2-133.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libtiff-devel-32bit-3.8.2-133.39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libtiff3-32bit-3.8.2-133.39.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:02:44", "description": "This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)", "cvss3": {"score": null, "vector": null}, "published": "2010-10-11T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : libtiff (ZYPP Patch Number 7052)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1411"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_LIBTIFF-7052.NASL", "href": "https://www.tenable.com/plugins/nessus/49883", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49883);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1411\");\n\n script_name(english:\"SuSE 10 Security Update : libtiff (ZYPP Patch Number 7052)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libtiff fixes several integer overflows that could lead\nto a corrupted heap memory. This bug can be exploited remotely with a\ncrafted TIFF file to cause an application crash or probably to execute\narbitrary code. (CVE-2010-1411)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1411.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7052.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"libtiff-3.8.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"libtiff-devel-3.8.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"tiff-3.8.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"libtiff-32bit-3.8.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"libtiff-3.8.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"libtiff-devel-3.8.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"tiff-3.8.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"libtiff-32bit-3.8.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"libtiff-devel-32bit-3.8.2-5.18.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:04:00", "description": "Fix numerous crashing bugs, including CVE-2010-1411\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-07-01T00:00:00", "type": "nessus", "title": "Fedora 11 : libtiff-3.8.2-15.fc11 (2010-10359)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1411"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libtiff", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2010-10359.NASL", "href": "https://www.tenable.com/plugins/nessus/47224", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-10359.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47224);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-1411\");\n script_bugtraq_id(35451, 35652, 40823, 41011);\n script_xref(name:\"FEDORA\", value:\"2010-10359\");\n\n script_name(english:\"Fedora 11 : libtiff-3.8.2-15.fc11 (2010-10359)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix numerous crashing bugs, including CVE-2010-1411\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=592361\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-June/043399.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b255ebd7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libtiff package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"libtiff-3.8.2-15.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:03:59", "description": "This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)", "cvss3": {"score": null, "vector": null}, "published": "2010-06-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1411"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libtiff-devel", "p-cpe:/a:novell:opensuse:libtiff-devel-32bit", "p-cpe:/a:novell:opensuse:libtiff3", "p-cpe:/a:novell:opensuse:libtiff3-32bit", "p-cpe:/a:novell:opensuse:tiff", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_LIBTIFF-DEVEL-100525.NASL", "href": "https://www.tenable.com/plugins/nessus/47019", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libtiff-devel-2477.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47019);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1411\");\n\n script_name(english:\"openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)\");\n script_summary(english:\"Check for the libtiff-devel-2477 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libtiff fixes several integer overflows that could lead\nto a corrupted heap memory. This bug can be exploited remotely with a\ncrafted TIFF file to cause an application crash or probably to execute\narbitrary code. (CVE-2010-1411)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=605837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-06/msg00003.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libtiff-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libtiff-devel-3.8.2-108.9\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libtiff3-3.8.2-108.9\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tiff-3.8.2-108.9\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libtiff-devel-32bit-3.8.2-108.9\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libtiff3-32bit-3.8.2-108.9\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:04:05", "description": "Kevin Finisterre reports :\n\nMultiple integer overflows in the handling of TIFF files may result in a heap buffer overflow. Opening a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution. The issues are addressed through improved bounds checking.\nCredit to Kevin Finisterre of digitalmunition.com for reporting these issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-06-14T00:00:00", "type": "nessus", "title": "FreeBSD : tiff -- buffer overflow vulnerability (313da7dc-763b-11df-bcce-0018f3e2eb82)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1411"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:linux-tiff", "p-cpe:/a:freebsd:freebsd:tiff", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_313DA7DC763B11DFBCCE0018F3E2EB82.NASL", "href": "https://www.tenable.com/plugins/nessus/46876", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46876);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-1411\");\n\n script_name(english:\"FreeBSD : tiff -- buffer overflow vulnerability (313da7dc-763b-11df-bcce-0018f3e2eb82)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Kevin Finisterre reports :\n\nMultiple integer overflows in the handling of TIFF files may result in\na heap buffer overflow. Opening a maliciously crafted TIFF file may\nlead to an unexpected application termination or arbitrary code\nexecution. The issues are addressed through improved bounds checking.\nCredit to Kevin Finisterre of digitalmunition.com for reporting these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.remotesensing.org/libtiff/v3.9.3.html\"\n );\n # http://support.apple.com/kb/HT4196\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.apple.com/kb/HT4196\"\n );\n # https://vuxml.freebsd.org/freebsd/313da7dc-763b-11df-bcce-0018f3e2eb82.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b0e43c5c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"tiff<3.9.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-tiff<3.9.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:04:03", "description": "Update to version 3.9.4 which fixes several bugs and some CVE's. See http://www.remotesensing.org/libtiff/v3.9.4.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-07-07T00:00:00", "type": "nessus", "title": "Fedora 12 : mingw32-libtiff-3.9.4-1.fc12 (2010-10469)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1411"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mingw32-libtiff", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-10469.NASL", "href": "https://www.tenable.com/plugins/nessus/47608", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-10469.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47608);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-1411\");\n script_bugtraq_id(40823);\n script_xref(name:\"FEDORA\", value:\"2010-10469\");\n\n script_name(english:\"Fedora 12 : mingw32-libtiff-3.9.4-1.fc12 (2010-10469)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to version 3.9.4 which fixes several bugs and some CVE's. See\nhttp://www.remotesensing.org/libtiff/v3.9.4.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.remotesensing.org/libtiff/v3.9.4.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=592361\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/043835.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4521572b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw32-libtiff package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw32-libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"mingw32-libtiff-3.9.4-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw32-libtiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:04:03", "description": "This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)", "cvss3": {"score": null, "vector": null}, "published": "2010-06-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1411"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libtiff-devel", "p-cpe:/a:novell:opensuse:libtiff-devel-32bit", "p-cpe:/a:novell:opensuse:libtiff3", "p-cpe:/a:novell:opensuse:libtiff3-32bit", "p-cpe:/a:novell:opensuse:tiff", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_LIBTIFF-DEVEL-100525.NASL", "href": "https://www.tenable.com/plugins/nessus/47021", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libtiff-devel-2477.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47021);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1411\");\n\n script_name(english:\"openSUSE Security Update : libtiff-devel (openSUSE-SU-2010:0324-1)\");\n script_summary(english:\"Check for the libtiff-devel-2477 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libtiff fixes several integer overflows that could lead\nto a corrupted heap memory. This bug can be exploited remotely with a\ncrafted TIFF file to cause an application crash or probably to execute\narbitrary code. (CVE-2010-1411)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=605837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-06/msg00003.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libtiff-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtiff3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libtiff-devel-3.8.2-145.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libtiff3-3.8.2-145.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"tiff-3.8.2-145.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libtiff-devel-32bit-3.8.2-145.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libtiff3-32bit-3.8.2-145.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:04:06", "description": "Update to version 3.9.4 which fixes several bugs and some CVE's. See http://www.remotesensing.org/libtiff/v3.9.4.html for details\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-07-07T00:00:00", "type": "nessus", "title": "Fedora 13 : mingw32-libtiff-3.9.4-1.fc13 (2010-10460)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1411"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mingw32-libtiff", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-10460.NASL", "href": "https://www.tenable.com/plugins/nessus/47607", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-10460.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47607);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-1411\");\n script_bugtraq_id(40823);\n script_xref(name:\"FEDORA\", value:\"2010-10460\");\n\n script_name(english:\"Fedora 13 : mingw32-libtiff-3.9.4-1.fc13 (2010-10460)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to version 3.9.4 which fixes several bugs and some CVE's. See\nhttp://www.remotesensing.org/libtiff/v3.9.4.html for details\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.remotesensing.org/libtiff/v3.9.4.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=592361\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/043769.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?38ade4e6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw32-libtiff package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw32-libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"mingw32-libtiff-3.9.4-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw32-libtiff\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:04:02", "description": "This update of libtiff fixes several integer overflows that could lead to a corrupted heap memory. This bug can be exploited remotely with a crafted TIFF file to cause an application crash or probably to execute arbitrary code. (CVE-2010-1411)", "cvss3": {"score": null, "vector": null}, "published": "2010-06-15T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : libtiff, (YOU Patch Number 12618)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1411"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12618.NASL", "href": "https://www.tenable.com/plugins/nessus/47018", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47018);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1411\");\n\n script_name(english:\"SuSE9 Security Update : libtiff, (YOU Patch Number 12618)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libtiff fixes several integer overflows that could lead\nto a corrupted heap memory. This bug can be exploited remotely with a\ncrafted TIFF file to cause an application crash or probably to execute\narbitrary code. (CVE-2010-1411)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1411.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12618.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"libtiff-3.6.1-38.43\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"tiff-3.6.1-38.43\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"libtiff-32bit-9-201005251428\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:34:18", "description": "This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2017-04-18T00:00:00", "type": "openvas", "title": "Apple Mac OS X Multiple Vulnerabilities-01 April-2017", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0302", "CVE-2009-1579", "CVE-2010-1382", "CVE-2010-0186", "CVE-2010-1374", "CVE-2010-0545", "CVE-2010-0540", "CVE-2010-1381", "CVE-2010-1748", "CVE-2010-0187", "CVE-2010-0734", "CVE-2010-0546", "CVE-2009-1580", "CVE-2009-1581", "CVE-2010-1411", "CVE-2009-1578", "CVE-2009-4212", "CVE-2009-2964", "CVE-2010-0541"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310810929", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810929", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_macosx_mult_vuln01_apr17.nasl 14295 2019-03-18 20:16:46Z cfischer $\n#\n# Apple Mac OS X Multiple Vulnerabilities-01 April-2017\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810929\");\n script_version(\"$Revision: 14295 $\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0302\", \"CVE-2010-1748\", \"CVE-2010-0545\",\n \"CVE-2010-0186\", \"CVE-2010-0187\", \"CVE-2010-0546\", \"CVE-2010-1374\",\n \"CVE-2010-1411\", \"CVE-2009-4212\", \"CVE-2010-0734\", \"CVE-2010-0541\",\n \"CVE-2010-1381\", \"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\",\n \"CVE-2009-1581\", \"CVE-2009-2964\", \"CVE-2010-1382\");\n script_bugtraq_id(40889, 38510, 40897, 40898, 38198, 38200, 40887, 40896, 40823,\n 37749, 38162, 40895, 40893, 34916, 36196, 40892);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 21:16:46 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-18 11:40:44 +0530 (Tue, 18 Apr 2017)\");\n script_name(\"Apple Mac OS X Multiple Vulnerabilities-01 April-2017\");\n\n script_tag(name:\"summary\", value:\"This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - The Wiki Server does not specify an explicit character set when serving\n HTML documents in response to user requests.\n\n - Multiple errors in SquirrelMail.\n\n - A configuration issue exists in Apple's distribution of Samba, the server\n used for SMB file sharing.\n\n - An input validation error in the Ruby WEBrick HTTP server's handling of\n error pages.\n\n - A buffer overflow exists in libcurl's handling of gzip-compressed web\n content.\n\n - An integer overflow exists in AES and RC4 decryption operations of the\n crypto library in the KDC server.\n\n - Multiple integer overflows in the handling of TIFF files.\n\n - A directory traversal issue exists in iChat's handling of inline\n image transfers.\n\n - A symlink following issue exists in Folder Manager.\n\n - Multiple errors in Adobe Flash Player plug-in.\n\n - An uninitialized memory read issue exists in the CUPS web interface's\n handling of form variables.\n\n - An use after free error exists in cupsd.\n\n - A cross-site request forgery issue exists in the CUPS web interface.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker\n to conduct cross-site scripting attack, access sensitive information, cause\n an unexpected application termination or arbitrary code execution, upload\n files to arbitrary locations on the filesystem of a user and cause privilege\n escalation.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X and Mac OS X Server\n version 10.5.8, 10.6 through 10.6.3\");\n\n script_tag(name:\"solution\", value:\"Apply the appropriate security patch from\n the reference links.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod\", value:\"30\"); ## Build information is not available\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT4188\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.[56]\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\nif(\"Mac OS X\" >< osName)\n{\n ## 10.5.8 prior to build X is also vulnerable.\n if(version_in_range(version:osVer, test_version:\"10.6\", test_version2:\"10.6.3\") ||\n version_in_range(version:osVer, test_version:\"10.5\", test_version2:\"10.5.8\"))\n {\n report = report_fixed_ver(installed_version:osVer, fixed_version:\"10.6.4 or apply patch\");\n security_message(data:report);\n exit(0);\n }\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:20:29", "description": "This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2017-04-18T00:00:00", "type": "openvas", "title": "Apple Mac OS X Multiple Vulnerabilities-02 April-2017", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0283", "CVE-2010-1373", "CVE-2010-1816", "CVE-2010-1377", "CVE-2010-1320", "CVE-2010-1821", "CVE-2010-1376", "CVE-2010-1379", "CVE-2010-1380"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310810930", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810930", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Mac OS X Multiple Vulnerabilities-02 April-2017\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810930\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2010-1373\", \"CVE-2010-1816\", \"CVE-2010-1320\", \"CVE-2010-0283\",\n \"CVE-2010-1821\", \"CVE-2010-1376\", \"CVE-2010-1377\", \"CVE-2010-1379\",\n \"CVE-2010-1380\");\n script_bugtraq_id(40886, 39599, 38260, 40902, 40905, 40903);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-04-18 11:40:44 +0530 (Tue, 18 Apr 2017)\");\n script_name(\"Apple Mac OS X Multiple Vulnerabilities-02 April-2017\");\n\n script_tag(name:\"summary\", value:\"This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An input validation error exists in Help Viewer's handling of help: URLs.\n\n - A buffer overflow exists in the handling of images.\n\n - A double free issue exists in the renewal or validation of existing tickets\n in the KDC process.\n\n - A logic issue in the handling of KDC requests may cause an assertion to be\n triggered.\n\n - A logic issue exists in the handling of vfork where the Mach exception\n handler is not reset in a certain case.\n\n - A format string issue exists in the handling of afp:, cifs:, and smb: URLs.\n\n - A man-in-the-middle attack in Open Directory.\n\n - A character encoding issue exists in Printer Setup's handling of nearby printers.\n\n - An integer overflow issue exists in the calculation of page sizes in the\n cgtexttops CUPS filter.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker\n to conduct cross-site scripting attack, access sensitive information, cause\n an unexpected application termination or arbitrary code execution, upload\n files to arbitrary locations on the filesystem of a user and cause privilege\n escalation.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X and Mac OS X Server\n version 10.6 through 10.6.3\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Mac OS X version\n 10.6.4 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT4188\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.6\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\nif(\"Mac OS X\" >< osName)\n{\n if(version_in_range(version:osVer, test_version:\"10.6\", test_version2:\"10.6.3\"))\n {\n report = report_fixed_ver(installed_version:osVer, fixed_version:\"10.6.4\");\n security_message(data:report);\n exit(0);\n }\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-04-06T11:38:47", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory MDVSA-2009:110.", "cvss3": {}, "published": "2009-05-20T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:110 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063984", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063984", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_110.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:110 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been identified and corrected in\nsquirrelmail:\n\nTwo issues were fixed that both allowed an attacker to run arbitrary\nscript (XSS) on most any SquirrelMail page by getting the user to\nclick on specially crafted SquirrelMail links (CVE-2009-1578).\n\nAn issue was fixed wherein input to the contrib/decrypt_headers.php\nscript was not sanitized and allowed arbitrary script execution upon\nsubmission of certain values (CVE-2009-1578).\n\nAn issue was fixed that allowed arbitrary server-side code execution\nwhen SquirrelMail was configured to use the example map_yp_alias\nusername mapping functionality (CVE-2009-1579).\n\nAn issue was fixed that allowed an attacker to possibly steal user\ndata by hijacking the SquirrelMail login session. (CVE-2009-1580).\n\nAn issue was fixed that allowed phishing and cross-site scripting\n(XSS) attacks to be run by surreptitious placement of content in\nspecially-crafted emails sent to SquirrelMail users (CVE-2009-1581).\n\nAdditionally many of the bundled plugins has been upgraded. Basically\nthis is a synchronization with the latest squirrelmail package found\nin Mandriva Cooker. The rpm changelog will reveal all the changes\n(rpm -q --changelog squirrelmail).\n\nThe updated packages have been upgraded to the latest version of\nsquirrelmail to prevent this.\n\nAffected: Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:110\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory MDVSA-2009:110.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63984\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:110 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ar\", rpm:\"squirrelmail-ar~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-bg\", rpm:\"squirrelmail-bg~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-bn\", rpm:\"squirrelmail-bn~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ca\", rpm:\"squirrelmail-ca~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cs\", rpm:\"squirrelmail-cs~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cy\", rpm:\"squirrelmail-cy~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cyrus\", rpm:\"squirrelmail-cyrus~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-da\", rpm:\"squirrelmail-da~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-de\", rpm:\"squirrelmail-de~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-el\", rpm:\"squirrelmail-el~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-en\", rpm:\"squirrelmail-en~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-es\", rpm:\"squirrelmail-es~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-et\", rpm:\"squirrelmail-et~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-eu\", rpm:\"squirrelmail-eu~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fa\", rpm:\"squirrelmail-fa~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fi\", rpm:\"squirrelmail-fi~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fo\", rpm:\"squirrelmail-fo~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fr\", rpm:\"squirrelmail-fr~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fy\", rpm:\"squirrelmail-fy~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-he\", rpm:\"squirrelmail-he~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hr\", rpm:\"squirrelmail-hr~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hu\", rpm:\"squirrelmail-hu~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-id\", rpm:\"squirrelmail-id~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-is\", rpm:\"squirrelmail-is~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-it\", rpm:\"squirrelmail-it~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ja\", rpm:\"squirrelmail-ja~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ka\", rpm:\"squirrelmail-ka~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ko\", rpm:\"squirrelmail-ko~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-lt\", rpm:\"squirrelmail-lt~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ms\", rpm:\"squirrelmail-ms~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nb\", rpm:\"squirrelmail-nb~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nl\", rpm:\"squirrelmail-nl~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nn\", rpm:\"squirrelmail-nn~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pl\", rpm:\"squirrelmail-pl~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-poutils\", rpm:\"squirrelmail-poutils~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pt\", rpm:\"squirrelmail-pt~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ro\", rpm:\"squirrelmail-ro~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ru\", rpm:\"squirrelmail-ru~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sk\", rpm:\"squirrelmail-sk~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sl\", rpm:\"squirrelmail-sl~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sr\", rpm:\"squirrelmail-sr~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sv\", rpm:\"squirrelmail-sv~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-th\", rpm:\"squirrelmail-th~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-tr\", rpm:\"squirrelmail-tr~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ug\", rpm:\"squirrelmail-ug~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-uk\", rpm:\"squirrelmail-uk~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-vi\", rpm:\"squirrelmail-vi~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_CN\", rpm:\"squirrelmail-zh_CN~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_TW\", rpm:\"squirrelmail-zh_TW~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:06", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory DSA 1802-1.", "cvss3": {}, "published": "2009-05-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1802-1 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064033", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064033", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1802_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1802-1 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in SquirrelMail,\na webmail application. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2009-1578\n\nCross site scripting was possible through a number of pages which\nallowed an attacker to steal sensitive session data.\n\nCVE-2009-1579\n\nCode injection was possible when SquirrelMail was configured to\nuse the map_yp_alias function to authenticate users. This is not\nthe default.\n\nCVE-2009-1580\n\nIt was possible to hijack an active user session by planting a\nspecially crafted cookie into the user's browser.\n\nCVE-2009-1581\n\nSpecially crafted HTML emails could use the CSS positioning feature\nto place email content over the SquirrelMail user interface, allowing\nfor phishing.\n\nFor the old stable distribution (etch), these problems have been fixed in\nversion 1.4.9a-4.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.4.15-4+lenny1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.4.18-1.\n\nWe recommend that you upgrade your squirrelmail package.\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory DSA 1802-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201802-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64033\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1802-1 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"squirrelmail\", ver:\"1.4.9a-4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squirrelmail\", ver:\"1.4.15-4+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:10", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-4875.", "cvss3": {}, "published": "2009-05-20T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-4875 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063986", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063986", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_4875.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-4875 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Tue May 12 2009 Michal Hlavinka - 1.4.18-1\n- updated to 1.4.18\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-4875\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-4875.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63986\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\", \"CVE-2009-1578\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-4875 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500360\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500358\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500356\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500363\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.18~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:59", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory DSA 1802-1.", "cvss3": {}, "published": "2009-05-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1802-1 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64033", "href": "http://plugins.openvas.org/nasl.php?oid=64033", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1802_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1802-1 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in SquirrelMail,\na webmail application. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2009-1578\n\nCross site scripting was possible through a number of pages which\nallowed an attacker to steal sensitive session data.\n\nCVE-2009-1579\n\nCode injection was possible when SquirrelMail was configured to\nuse the map_yp_alias function to authenticate users. This is not\nthe default.\n\nCVE-2009-1580\n\nIt was possible to hijack an active user session by planting a\nspecially crafted cookie into the user's browser.\n\nCVE-2009-1581\n\nSpecially crafted HTML emails could use the CSS positioning feature\nto place email content over the SquirrelMail user interface, allowing\nfor phishing.\n\nFor the old stable distribution (etch), these problems have been fixed in\nversion 1.4.9a-4.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.4.15-4+lenny1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.4.18-1.\n\nWe recommend that you upgrade your squirrelmail package.\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory DSA 1802-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201802-1\";\n\n\nif(description)\n{\n script_id(64033);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1802-1 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"squirrelmail\", ver:\"1.4.9a-4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squirrelmail\", ver:\"1.4.15-4+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:22", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-4875.", "cvss3": {}, "published": "2009-05-20T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-4875 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63986", "href": "http://plugins.openvas.org/nasl.php?oid=63986", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_4875.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-4875 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Tue May 12 2009 Michal Hlavinka - 1.4.18-1\n- updated to 1.4.18\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-4875\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-4875.\";\n\n\n\nif(description)\n{\n script_id(63986);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\", \"CVE-2009-1578\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-4875 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500360\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500358\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500356\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500363\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.18~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:19", "description": "SquirrelMail is prone to multiple vulnerabilities, including\n multiple session-fixation issues, a code-injection issue, and multiple cross-site scripting issues.", "cvss3": {}, "published": "2009-05-14T00:00:00", "type": "openvas", "title": "SquirrelMail Prior to 1.4.18 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2019-03-07T00:00:00", "id": "OPENVAS:1361412562310100203", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100203", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: squirrelmail_1_4_18.nasl 14033 2019-03-07 11:09:35Z cfischer $\n#\n# SquirrelMail Prior to 1.4.18 Multiple Vulnerabilities\n#\n# Authors\n# Michael Meyer\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:squirrelmail:squirrelmail';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100203\");\n script_version(\"$Revision: 14033 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-07 12:09:35 +0100 (Thu, 07 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-14 20:19:12 +0200 (Thu, 14 May 2009)\");\n script_bugtraq_id(34916);\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"SquirrelMail Prior to 1.4.18 Multiple Vulnerabilities\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2009 Greenbone Networks GmbH\");\n script_dependencies(\"squirrelmail_detect.nasl\");\n script_mandatory_keys(\"squirrelmail/installed\");\n script_require_ports(\"Services/www\", 443);\n\n script_tag(name:\"summary\", value:\"SquirrelMail is prone to multiple vulnerabilities, including\n multiple session-fixation issues, a code-injection issue, and multiple cross-site scripting issues.\");\n\n script_tag(name:\"impact\", value:\"Attackers may exploit these issues to execute arbitrary script code\n in the browser of an unsuspecting user, to hijack the session of a valid user, or to inject and execute\n arbitrary PHP code in the context of the webserver process. This may facilitate a compromise of the\n application and the computer. Other attacks are also possible.\");\n\n script_tag(name:\"affected\", value:\"Versions prior to SquirrelMail 1.4.18 are vulnerable.\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/34916\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"solution\", value:\"Update to version 1.4.18 or later.\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version_is_less(version: version, test_version: \"1.4.18\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"1.4.18\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:56:37", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory MDVSA-2009:110.", "cvss3": {}, "published": "2009-05-20T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:110 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:63984", "href": "http://plugins.openvas.org/nasl.php?oid=63984", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_110.nasl 6587 2017-07-07 06:35:35Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:110 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been identified and corrected in\nsquirrelmail:\n\nTwo issues were fixed that both allowed an attacker to run arbitrary\nscript (XSS) on most any SquirrelMail page by getting the user to\nclick on specially crafted SquirrelMail links (CVE-2009-1578).\n\nAn issue was fixed wherein input to the contrib/decrypt_headers.php\nscript was not sanitized and allowed arbitrary script execution upon\nsubmission of certain values (CVE-2009-1578).\n\nAn issue was fixed that allowed arbitrary server-side code execution\nwhen SquirrelMail was configured to use the example map_yp_alias\nusername mapping functionality (CVE-2009-1579).\n\nAn issue was fixed that allowed an attacker to possibly steal user\ndata by hijacking the SquirrelMail login session. (CVE-2009-1580).\n\nAn issue was fixed that allowed phishing and cross-site scripting\n(XSS) attacks to be run by surreptitious placement of content in\nspecially-crafted emails sent to SquirrelMail users (CVE-2009-1581).\n\nAdditionally many of the bundled plugins has been upgraded. Basically\nthis is a synchronization with the latest squirrelmail package found\nin Mandriva Cooker. The rpm changelog will reveal all the changes\n(rpm -q --changelog squirrelmail).\n\nThe updated packages have been upgraded to the latest version of\nsquirrelmail to prevent this.\n\nAffected: Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:110\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory MDVSA-2009:110.\";\n\n \n\nif(description)\n{\n script_id(63984);\n script_version(\"$Revision: 6587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 08:35:35 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:110 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ar\", rpm:\"squirrelmail-ar~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-bg\", rpm:\"squirrelmail-bg~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-bn\", rpm:\"squirrelmail-bn~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ca\", rpm:\"squirrelmail-ca~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cs\", rpm:\"squirrelmail-cs~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cy\", rpm:\"squirrelmail-cy~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cyrus\", rpm:\"squirrelmail-cyrus~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-da\", rpm:\"squirrelmail-da~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-de\", rpm:\"squirrelmail-de~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-el\", rpm:\"squirrelmail-el~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-en\", rpm:\"squirrelmail-en~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-es\", rpm:\"squirrelmail-es~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-et\", rpm:\"squirrelmail-et~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-eu\", rpm:\"squirrelmail-eu~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fa\", rpm:\"squirrelmail-fa~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fi\", rpm:\"squirrelmail-fi~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fo\", rpm:\"squirrelmail-fo~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fr\", rpm:\"squirrelmail-fr~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fy\", rpm:\"squirrelmail-fy~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-he\", rpm:\"squirrelmail-he~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hr\", rpm:\"squirrelmail-hr~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hu\", rpm:\"squirrelmail-hu~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-id\", rpm:\"squirrelmail-id~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-is\", rpm:\"squirrelmail-is~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-it\", rpm:\"squirrelmail-it~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ja\", rpm:\"squirrelmail-ja~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ka\", rpm:\"squirrelmail-ka~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ko\", rpm:\"squirrelmail-ko~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-lt\", rpm:\"squirrelmail-lt~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ms\", rpm:\"squirrelmail-ms~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nb\", rpm:\"squirrelmail-nb~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nl\", rpm:\"squirrelmail-nl~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nn\", rpm:\"squirrelmail-nn~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pl\", rpm:\"squirrelmail-pl~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-poutils\", rpm:\"squirrelmail-poutils~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pt\", rpm:\"squirrelmail-pt~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ro\", rpm:\"squirrelmail-ro~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ru\", rpm:\"squirrelmail-ru~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sk\", rpm:\"squirrelmail-sk~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sl\", rpm:\"squirrelmail-sl~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sr\", rpm:\"squirrelmail-sr~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sv\", rpm:\"squirrelmail-sv~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-th\", rpm:\"squirrelmail-th~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-tr\", rpm:\"squirrelmail-tr~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ug\", rpm:\"squirrelmail-ug~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-uk\", rpm:\"squirrelmail-uk~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-vi\", rpm:\"squirrelmail-vi~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_CN\", rpm:\"squirrelmail-zh_CN~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_TW\", rpm:\"squirrelmail-zh_TW~1.4.18~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:06", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-4880.", "cvss3": {}, "published": "2009-05-20T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-4880 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2008-2379", "CVE-2009-1578"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063987", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063987", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_4880.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-4880 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nsquirrelmail is now able to work with unsigned 32bit UID values with 32-bit\nversion of php\n\nChangeLog:\n\n* Tue May 12 2009 Michal Hlavinka - 1.4.18-1\n- updated to 1.4.18\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-4880\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-4880.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63987\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2008-2379\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\", \"CVE-2009-1578\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-4880 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500360\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500358\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500356\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500363\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.18~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:21", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-4880.", "cvss3": {}, "published": "2009-05-20T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-4880 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2008-2379", "CVE-2009-1578"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63987", "href": "http://plugins.openvas.org/nasl.php?oid=63987", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_4880.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-4880 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nsquirrelmail is now able to work with unsigned 32bit UID values with 32-bit\nversion of php\n\nChangeLog:\n\n* Tue May 12 2009 Michal Hlavinka - 1.4.18-1\n- updated to 1.4.18\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-4880\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-4880.\";\n\n\n\nif(description)\n{\n script_id(63987);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2008-2379\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\", \"CVE-2009-1578\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-4880 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500360\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500358\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500356\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500363\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.18~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:08", "description": "The remote host is missing updates announced in\nadvisory GLSA 201001-08.", "cvss3": {}, "published": "2010-01-20T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201001-08 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1381", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:66741", "href": "http://plugins.openvas.org/nasl.php?oid=66741", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in SquirrelMail of which the worst\n results in remote code execution.\";\ntag_solution = \"All SquirrelMail users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/squirrelmail-1.4.19'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201001-08\nhttp://bugs.gentoo.org/show_bug.cgi?id=269567\nhttp://bugs.gentoo.org/show_bug.cgi?id=270671\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201001-08.\";\n\n \n \n\nif(description)\n{\n script_id(66741);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-20 20:07:43 +0100 (Wed, 20 Jan 2010)\");\n script_cve_id(\"CVE-2009-1381\", \"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 201001-08 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"mail-client/squirrelmail\", unaffected: make_list(\"ge 1.4.19\"), vulnerable: make_list(\"lt 1.4.19\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:50", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory DSA 1802-2.", "cvss3": {}, "published": "2009-05-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1802-2 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1381", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064037", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064037", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1802_2.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1802-2 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Michal Hlavinka discovered that the fix for code execution in the\nmap_yp_alias function, known as CVE-2009-1579 and released in DSA 1802-1,\nwas incomplete. This update corrects the fix for that function.\n\nFor the old stable distribution (etch), this problem has been fixed in\nversion 1.4.9a-5.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.4.15-4+lenny2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.4.19-1\n\nWe recommend that you upgrade your squirrelmail package.\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory DSA 1802-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201802-2\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64037\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\", \"CVE-2009-1381\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1802-2 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"squirrelmail\", ver:\"1.4.9a-5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squirrelmail\", ver:\"1.4.15-4+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:38", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory DSA 1802-2.", "cvss3": {}, "published": "2009-05-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1802-2 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1381", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64037", "href": "http://plugins.openvas.org/nasl.php?oid=64037", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1802_2.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1802-2 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Michal Hlavinka discovered that the fix for code execution in the\nmap_yp_alias function, known as CVE-2009-1579 and released in DSA 1802-1,\nwas incomplete. This update corrects the fix for that function.\n\nFor the old stable distribution (etch), this problem has been fixed in\nversion 1.4.9a-5.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.4.15-4+lenny2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.4.19-1\n\nWe recommend that you upgrade your squirrelmail package.\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory DSA 1802-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201802-2\";\n\n\nif(description)\n{\n script_id(64037);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\", \"CVE-2009-1381\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1802-2 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"squirrelmail\", ver:\"1.4.9a-5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squirrelmail\", ver:\"1.4.15-4+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:14", "description": "The remote host is missing updates announced in\nadvisory GLSA 201001-08.", "cvss3": {}, "published": "2010-01-20T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201001-08 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1381", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2017-12-21T00:00:00", "id": "OPENVAS:136141256231066741", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066741", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in SquirrelMail of which the worst\n results in remote code execution.\";\ntag_solution = \"All SquirrelMail users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/squirrelmail-1.4.19'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201001-08\nhttp://bugs.gentoo.org/show_bug.cgi?id=269567\nhttp://bugs.gentoo.org/show_bug.cgi?id=270671\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201001-08.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66741\");\n script_version(\"$Revision: 8207 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 08:30:12 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-20 20:07:43 +0100 (Wed, 20 Jan 2010)\");\n script_cve_id(\"CVE-2009-1381\", \"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 201001-08 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"mail-client/squirrelmail\", unaffected: make_list(\"ge 1.4.19\"), vulnerable: make_list(\"lt 1.4.19\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:33", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1066.\n\nA server-side code injection flaw was found in the SquirrelMail\nmap_yp_alias function. If SquirrelMail was configured to retrieve a\nuser's IMAP server address from a Network Information Service (NIS) server\nvia the map_yp_alias function, an unauthenticated, remote attacker using\na specially-crafted username could use this flaw to execute arbitrary code\nwith the privileges of the web server. (CVE-2009-1579)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail. An\nattacker could construct a carefully crafted URL, which once visited by an\nunsuspecting user, could cause the user's web browser to execute malicious\nscript in the context of the visited SquirrelMail web page. (CVE-2009-1578)\n\nIt was discovered that SquirrelMail did not properly sanitize Cascading\nStyle Sheets (CSS) directives used in HTML mail. A remote attacker could\nsend a specially-crafted email that could place mail content above\nSquirrelMail's controls, possibly allowing phishing and cross-site\nscripting attacks. (CVE-2009-1581)\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1066", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064063", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064063", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1066.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1066 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1066.\n\nA server-side code injection flaw was found in the SquirrelMail\nmap_yp_alias function. If SquirrelMail was configured to retrieve a\nuser's IMAP server address from a Network Information Service (NIS) server\nvia the map_yp_alias function, an unauthenticated, remote attacker using\na specially-crafted username could use this flaw to execute arbitrary code\nwith the privileges of the web server. (CVE-2009-1579)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail. An\nattacker could construct a carefully crafted URL, which once visited by an\nunsuspecting user, could cause the user's web browser to execute malicious\nscript in the context of the visited SquirrelMail web page. (CVE-2009-1578)\n\nIt was discovered that SquirrelMail did not properly sanitize Cascading\nStyle Sheets (CSS) directives used in HTML mail. A remote attacker could\nsend a specially-crafted email that could place mail content above\nSquirrelMail's controls, possibly allowing phishing and cross-site\nscripting attacks. (CVE-2009-1581)\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64063\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1581\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1066\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1066.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n script_xref(name : \"URL\" , value : \"http://www.squirrelmail.org/security/issue/2009-05-08\");\n script_xref(name : \"URL\" , value : \"http://www.squirrelmail.org/security/issue/2009-05-10\");\n script_xref(name : \"URL\" , value : \"http://www.squirrelmail.org/security/issue/2009-05-12\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~13.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el4_8.5\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5_3.7\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:43", "description": "The remote host is missing updates to squirrelmail announced in\nadvisory CESA-2009:1066.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1066 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064123", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064123", "sourceData": "#CESA-2009:1066 64123 4\n# $Id: ovcesa2009_1066.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1066 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1066\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1066\nhttps://rhn.redhat.com/errata/RHSA-2009-1066.html\";\ntag_summary = \"The remote host is missing updates to squirrelmail announced in\nadvisory CESA-2009:1066.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64123\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1581\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1066 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~13.el3.centos.1\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5.centos.7\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:54", "description": "The remote host is missing updates to squirrelmail announced in\nadvisory CESA-2009:1066.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1066 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64123", "href": "http://plugins.openvas.org/nasl.php?oid=64123", "sourceData": "#CESA-2009:1066 64123 4\n# $Id: ovcesa2009_1066.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1066 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1066\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1066\nhttps://rhn.redhat.com/errata/RHSA-2009-1066.html\";\ntag_summary = \"The remote host is missing updates to squirrelmail announced in\nadvisory CESA-2009:1066.\";\n\n\n\nif(description)\n{\n script_id(64123);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1581\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1066 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~13.el3.centos.1\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5.centos.7\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:43", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2009:1066 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880772", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880772", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2009:1066 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-May/015945.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880772\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2009:1066\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1581\");\n script_name(\"CentOS Update for squirrelmail CESA-2009:1066 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squirrelmail'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS3\");\n script_tag(name:\"affected\", value:\"squirrelmail on CentOS 3\");\n script_tag(name:\"insight\", value:\"SquirrelMail is a standards-based webmail package written in PHP.\n\n A server-side code injection flaw was found in the SquirrelMail\n 'map_yp_alias' function. If SquirrelMail was configured to retrieve a\n user's IMAP server address from a Network Information Service (NIS) server\n via the 'map_yp_alias' function, an unauthenticated, remote attacker using\n a specially-crafted username could use this flaw to execute arbitrary code\n with the privileges of the web server. (CVE-2009-1579)\n\n Multiple cross-site scripting (XSS) flaws were found in SquirrelMail. An\n attacker could construct a carefully crafted URL, which once visited by an\n unsuspecting user, could cause the user's web browser to execute malicious\n script in the context of the visited SquirrelMail web page. (CVE-2009-1578)\n\n It was discovered that SquirrelMail did not properly sanitize Cascading\n Style Sheets (CSS) directives used in HTML mail. A remote attacker could\n send a specially-crafted email that could place mail content above\n SquirrelMail's controls, possibly allowing phishing and cross-site\n scripting attacks. (CVE-2009-1581)\n\n Users of squirrelmail should upgrade to this updated package, which\n contains backported patches to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~13.el3.centos.1\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2009:1066 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880771", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880771", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2009:1066 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-May/015947.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880771\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2009:1066\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1581\");\n script_name(\"CentOS Update for squirrelmail CESA-2009:1066 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squirrelmail'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"squirrelmail on CentOS 5\");\n script_tag(name:\"insight\", value:\"SquirrelMail is a standards-based webmail package written in PHP.\n\n A server-side code injection flaw was found in the SquirrelMail\n 'map_yp_alias' function. If SquirrelMail was configured to retrieve a\n user's IMAP server address from a Network Information Service (NIS) server\n via the 'map_yp_alias' function, an unauthenticated, remote attacker using\n a specially-crafted username could use this flaw to execute arbitrary code\n with the privileges of the web server. (CVE-2009-1579)\n\n Multiple cross-site scripting (XSS) flaws were found in SquirrelMail. An\n attacker could construct a carefully crafted URL, which once visited by an\n unsuspecting user, could cause the user's web browser to execute malicious\n script in the context of the visited SquirrelMail web page. (CVE-2009-1578)\n\n It was discovered that SquirrelMail did not properly sanitize Cascading\n Style Sheets (CSS) directives used in HTML mail. A remote attacker could\n send a specially-crafted email that could place mail content above\n SquirrelMail's controls, possibly allowing phishing and cross-site\n scripting attacks. (CVE-2009-1581)\n\n Users of squirrelmail should upgrade to this updated package, which\n contains backported patches to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5.centos.7\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:48", "description": "Oracle Linux Local Security Checks ELSA-2009-1066", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-1066", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122481", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122481", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-1066.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122481\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:46:18 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-1066\");\n script_tag(name:\"insight\", value:\"ELSA-2009-1066 - squirrelmail security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-1066\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-1066.html\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1581\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.0.1.el5_3.7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:55:36", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2009:1066 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880772", "href": "http://plugins.openvas.org/nasl.php?oid=880772", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2009:1066 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SquirrelMail is a standards-based webmail package written in PHP.\n\n A server-side code injection flaw was found in the SquirrelMail\n "map_yp_alias" function. If SquirrelMail was configured to retrieve a\n user's IMAP server address from a Network Information Service (NIS) server\n via the "map_yp_alias" function, an unauthenticated, remote attacker using\n a specially-crafted username could use this flaw to execute arbitrary code\n with the privileges of the web server. (CVE-2009-1579)\n \n Multiple cross-site scripting (XSS) flaws were found in SquirrelMail. An\n attacker could construct a carefully crafted URL, which once visited by an \n unsuspecting user, could cause the user's web browser to execute malicious\n script in the context of the visited SquirrelMail web page. (CVE-2009-1578)\n \n It was discovered that SquirrelMail did not properly sanitize Cascading\n Style Sheets (CSS) directives used in HTML mail. A remote attacker could\n send a specially-crafted email that could place mail content above\n SquirrelMail's controls, possibly allowing phishing and cross-site\n scripting attacks. (CVE-2009-1581)\n \n Users of squirrelmail should upgrade to this updated package, which\n contains backported patches to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"squirrelmail on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-May/015945.html\");\n script_id(880772);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2009:1066\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1581\");\n script_name(\"CentOS Update for squirrelmail CESA-2009:1066 centos3 i386\");\n\n script_summary(\"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~13.el3.centos.1\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:37", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2009:1066 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880771", "href": "http://plugins.openvas.org/nasl.php?oid=880771", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2009:1066 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SquirrelMail is a standards-based webmail package written in PHP.\n\n A server-side code injection flaw was found in the SquirrelMail\n "map_yp_alias" function. If SquirrelMail was configured to retrieve a\n user's IMAP server address from a Network Information Service (NIS) server\n via the "map_yp_alias" function, an unauthenticated, remote attacker using\n a specially-crafted username could use this flaw to execute arbitrary code\n with the privileges of the web server. (CVE-2009-1579)\n \n Multiple cross-site scripting (XSS) flaws were found in SquirrelMail. An\n attacker could construct a carefully crafted URL, which once visited by an \n unsuspecting user, could cause the user's web browser to execute malicious\n script in the context of the visited SquirrelMail web page. (CVE-2009-1578)\n \n It was discovered that SquirrelMail did not properly sanitize Cascading\n Style Sheets (CSS) directives used in HTML mail. A remote attacker could\n send a specially-crafted email that could place mail content above\n SquirrelMail's controls, possibly allowing phishing and cross-site\n scripting attacks. (CVE-2009-1581)\n \n Users of squirrelmail should upgrade to this updated package, which\n contains backported patches to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"squirrelmail on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-May/015947.html\");\n script_id(880771);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2009:1066\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1581\");\n script_name(\"CentOS Update for squirrelmail CESA-2009:1066 centos5 i386\");\n\n script_summary(\"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5.centos.7\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:56:26", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1066.\n\nA server-side code injection flaw was found in the SquirrelMail\nmap_yp_alias function. If SquirrelMail was configured to retrieve a\nuser's IMAP server address from a Network Information Service (NIS) server\nvia the map_yp_alias function, an unauthenticated, remote attacker using\na specially-crafted username could use this flaw to execute arbitrary code\nwith the privileges of the web server. (CVE-2009-1579)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail. An\nattacker could construct a carefully crafted URL, which once visited by an\nunsuspecting user, could cause the user's web browser to execute malicious\nscript in the context of the visited SquirrelMail web page. (CVE-2009-1578)\n\nIt was discovered that SquirrelMail did not properly sanitize Cascading\nStyle Sheets (CSS) directives used in HTML mail. A remote attacker could\nsend a specially-crafted email that could place mail content above\nSquirrelMail's controls, possibly allowing phishing and cross-site\nscripting attacks. (CVE-2009-1581)\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1066", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1581", "CVE-2009-1578"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:64063", "href": "http://plugins.openvas.org/nasl.php?oid=64063", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1066.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1066 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1066.\n\nA server-side code injection flaw was found in the SquirrelMail\nmap_yp_alias function. If SquirrelMail was configured to retrieve a\nuser's IMAP server address from a Network Information Service (NIS) server\nvia the map_yp_alias function, an unauthenticated, remote attacker using\na specially-crafted username could use this flaw to execute arbitrary code\nwith the privileges of the web server. (CVE-2009-1579)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail. An\nattacker could construct a carefully crafted URL, which once visited by an\nunsuspecting user, could cause the user's web browser to execute malicious\nscript in the context of the visited SquirrelMail web page. (CVE-2009-1578)\n\nIt was discovered that SquirrelMail did not properly sanitize Cascading\nStyle Sheets (CSS) directives used in HTML mail. A remote attacker could\nsend a specially-crafted email that could place mail content above\nSquirrelMail's controls, possibly allowing phishing and cross-site\nscripting attacks. (CVE-2009-1581)\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(64063);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1581\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1066\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1066.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n script_xref(name : \"URL\" , value : \"http://www.squirrelmail.org/security/issue/2009-05-08\");\n script_xref(name : \"URL\" , value : \"http://www.squirrelmail.org/security/issue/2009-05-10\");\n script_xref(name : \"URL\" , value : \"http://www.squirrelmail.org/security/issue/2009-05-12\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~13.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el4_8.5\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5_3.7\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:33", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-4870.", "cvss3": {}, "published": "2009-05-20T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-4870 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2008-3663", "CVE-2009-1580", "CVE-2009-1581", "CVE-2008-2379", "CVE-2009-1578"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063985", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063985", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_4870.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-4870 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Tue May 12 2009 Michal Hlavinka - 1.4.18-1\n- update to 1.4.18 (fixes CVE-2009-1581)\n* Thu Dec 4 2008 Michal Hlavinka - 1.4.17-1\n- update to 1.4.17 (fixes CVE-2008-2379)\n* Wed Oct 1 2008 Michal Hlavinka - 1.4.16-1\n- update to 1.4.16\n- resolves: #464185: CVE-2008-3663 Squirrelmail session hijacking\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-4870\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-4870.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63985\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2009-1581\", \"CVE-2008-2379\", \"CVE-2008-3663\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1578\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-4870 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500360\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500358\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500356\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500363\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.18~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:09", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-4870.", "cvss3": {}, "published": "2009-05-20T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-4870 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2008-3663", "CVE-2009-1580", "CVE-2009-1581", "CVE-2008-2379", "CVE-2009-1578"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63985", "href": "http://plugins.openvas.org/nasl.php?oid=63985", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_4870.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-4870 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Tue May 12 2009 Michal Hlavinka - 1.4.18-1\n- update to 1.4.18 (fixes CVE-2009-1581)\n* Thu Dec 4 2008 Michal Hlavinka - 1.4.17-1\n- update to 1.4.17 (fixes CVE-2008-2379)\n* Wed Oct 1 2008 Michal Hlavinka - 1.4.16-1\n- update to 1.4.16\n- resolves: #464185: CVE-2008-3663 Squirrelmail session hijacking\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-4870\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-4870.\";\n\n\n\nif(description)\n{\n script_id(63985);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2009-1581\", \"CVE-2008-2379\", \"CVE-2008-3663\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1578\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-4870 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500360\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500358\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500356\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500363\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.18~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:25", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-8797.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8797 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2008-2379"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064714", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064714", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8797.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8797 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\n- Implemented page referral verification mechanism. (Secunia Advisory SA34627)\n- Implemented security token system. (Secunia Advisory SA34627)\n\nChangeLog:\n\n* Mon Aug 17 2009 Michal Hlavinka - 1.4.19-2\n- fix #517312 - CSRF issues in all forms (SA34627)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8797\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-8797.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64714\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\", \"CVE-2008-2379\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-8797 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=517312\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.19~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:09", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-8797.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8797 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2008-2379"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64714", "href": "http://plugins.openvas.org/nasl.php?oid=64714", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8797.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8797 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\n- Implemented page referral verification mechanism. (Secunia Advisory SA34627)\n- Implemented security token system. (Secunia Advisory SA34627)\n\nChangeLog:\n\n* Mon Aug 17 2009 Michal Hlavinka - 1.4.19-2\n- fix #517312 - CSRF issues in all forms (SA34627)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8797\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-8797.\";\n\n\n\nif(description)\n{\n script_id(64714);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\", \"CVE-2008-2379\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-8797 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=517312\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.19~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-06T13:05:00", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-07-02T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2010-10388", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0302", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:1361412562310862208", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862208", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2010-10388\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 13\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX® operating systems. It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043667.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862208\");\n script_version(\"$Revision: 8287 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 08:28:11 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-02 14:26:21 +0200 (Fri, 02 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-10388\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-0302\");\n script_name(\"Fedora Update for cups FEDORA-2010-10388\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.4~5.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-15T11:57:58", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-07-02T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2010-10388", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0302", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2017-12-15T00:00:00", "id": "OPENVAS:862208", "href": "http://plugins.openvas.org/nasl.php?oid=862208", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2010-10388\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 13\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX® operating systems. It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043667.html\");\n script_id(862208);\n script_version(\"$Revision: 8130 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-02 14:26:21 +0200 (Fri, 02 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-10388\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-0302\");\n script_name(\"Fedora Update for cups FEDORA-2010-10388\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.4~5.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:23", "description": "This host is installed with Adobe Flash Player/Air and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2010-02-19T00:00:00", "type": "openvas", "title": "Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2017-12-21T00:00:00", "id": "OPENVAS:800475", "href": "http://plugins.openvas.org/nasl.php?oid=800475", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_prdts_mult_vuln_feb10_win.nasl 8210 2017-12-21 10:26:31Z cfischer $\n#\n# Adobe Flash Player/Air Multiple Vulnerabilities - feb10 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to bypass security\n restrictions.\n Impact Level: Application\";\n\ntag_affected = \"Adobe AIR version prior to 1.5.3.9130\n\n Adobe Flash Player 10 version prior to 10.0.45.2 on Windows\";\n\ntag_insight = \"Cross domain vulnerabilities present in Adobe Flash Player/Adobe Air allows\n remote attackers to bypass intended sandbox restrictions and make\n cross-domain requests via unspecified vectors.\";\n\ntag_solution = \"Update to Adobe Air 1.5.3.9130 or Adobe Flash Player 10.0.45.2,\n http://get.adobe.com/air\n http://www.adobe.com/support/flashplayer/downloads.html\";\n\ntag_summary = \"This host is installed with Adobe Flash Player/Air and is prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(800475);\n script_version(\"$Revision: 8210 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 11:26:31 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-19 11:58:13 +0100 (Fri, 19 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n script_bugtraq_id(38198, 38200);\n script_name(\"Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Windows)\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=563819\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb10-06.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Air_or_Flash_or_Reader_or_Acrobat/Win/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nCPE = \"cpe:/a:adobe:flash_player\";\nif(playerVer = get_app_version(cpe:CPE, nofork:TRUE))\n{\n # Grep for version 10.x < 10.0.45.2\n if(version_in_range(version:playerVer, test_version:\"10.0\", test_version2:\"10.0.45.1\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\nCPE = \"cpe:/a:adobe:adobe_air\";\nif(airVer = get_app_version(cpe:CPE))\n{\n # Grep for version < 1.5.3.9130\n if(version_is_less(version:airVer, test_version:\"1.5.3.9130\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-14T10:49:08", "description": "This host is installed with Adobe Flash Player/Air and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2010-02-19T00:00:00", "type": "openvas", "title": "Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2017-06-29T00:00:00", "id": "OPENVAS:800476", "href": "http://plugins.openvas.org/nasl.php?oid=800476", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_prdts_mult_vuln_feb10_lin.nasl 6476 2017-06-29 07:32:00Z cfischer $\n#\n# Adobe Flash Player/Air Multiple Vulnerabilities - feb10 (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to crash the application,\n denying service to legitimate users.\n Impact Level: Application\";\ntag_affected = \"Adobe AIR version prior to 1.5.3.9130\n Adobe Flash Player 10 version prior to 10.0.45.2 on Windows\";\ntag_insight = \"Cross domain vulnerabilities present in Adobe Flash Player/Adobe Air allows\n remote attackers to bypass intended sandbox restrictions and make\n cross-domain requests via unspecified vectors.\";\ntag_solution = \"Update to Adobe Air 1.5.3.9130 or Adobe Flash Player 10.0.45.2\n http://get.adobe.com/air\n http://www.adobe.com/support/flashplayer/downloads.html\";\ntag_summary = \"This host is installed with Adobe Flash Player/Air and is prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(800476);\n script_version(\"$Revision: 6476 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-06-29 09:32:00 +0200 (Thu, 29 Jun 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-19 11:58:13 +0100 (Fri, 19 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n script_bugtraq_id(38198, 38200);\n script_name(\"Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Linux)\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=563819\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb10-06.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_lin.nasl\");\n script_mandatory_keys(\"Adobe/Air_or_Flash_or_Reader/Linux/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n# Check for Adobe Flash Player\nplayerVer = get_kb_item(\"AdobeFlashPlayer/Linux/Ver\");\nif(playerVer != NULL)\n{\n # Grep for version 10.x < 10.0.45.2\n if(version_in_range(version:playerVer, test_version:\"10.0\", test_version2:\"10.0.45.1\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n# Check for Adobe Air\nairVer = get_kb_item(\"Adobe/Air/Linux/Ver\");\nif(airVer != NULL)\n{\n # Grep for version < 1.5.3.9130\n if(version_is_less(version:airVer, test_version:\"1.5.3.9130\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:09:49", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2010-02-18T00:00:00", "type": "openvas", "title": "FreeBSD Ports: linux-flashplugin", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2017-02-09T00:00:00", "id": "OPENVAS:66848", "href": "http://plugins.openvas.org/nasl.php?oid=66848", "sourceData": "#\n#VID ff6519ad-18e5-11df-9bdd-001b2134ef46\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID ff6519ad-18e5-11df-9bdd-001b2134ef46\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n linux-flashplugin\n linux-f8-flashplugin\n linux-f10-flashplugin\n\nCVE-2010-0186\nCross-domain vulnerability in Adobe Flash Player before 10.0.45.2 and\nAdobe AIR before 1.5.3.9130 allows remote attackers to bypass intended\nsandbox restrictions and make cross-domain requests via unspecified\nvectors.\n\nCVE-2010-0187\nAdobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130\nallow remote attackers to cause a denial of service (application\ncrash) via a modified SWF file.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.adobe.com/support/security/bulletins/apsb10-06.html\nhttp://www.vuxml.org/freebsd/ff6519ad-18e5-11df-9bdd-001b2134ef46.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(66848);\n script_version(\"$Revision: 5245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-09 09:57:08 +0100 (Thu, 09 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-18 21:15:01 +0100 (Thu, 18 Feb 2010)\");\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: linux-flashplugin\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"linux-flashplugin\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.0r262\")<0) {\n txt += 'Package linux-flashplugin version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-f8-flashplugin\");\nif(!isnull(bver) && revcomp(a:bver, b:\"10.0r45\")<0) {\n txt += 'Package linux-f8-flashplugin version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-f10-flashplugin\");\nif(!isnull(bver) && revcomp(a:bver, b:\"10.0r45\")<0) {\n txt += 'Package linux-f10-flashplugin version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-27T19:23:09", "description": "This host is installed with Adobe Flash Player/Air and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2010-02-19T00:00:00", "type": "openvas", "title": "Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310800476", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800476", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Flash Player/Air Multiple Vulnerabilities - feb10 (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800476\");\n script_version(\"2020-04-23T12:22:09+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 12:22:09 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-02-19 11:58:13 +0100 (Fri, 19 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n script_bugtraq_id(38198, 38200);\n script_name(\"Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Linux)\");\n script_xref(name:\"URL\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=563819\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb10-06.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_lin.nasl\");\n script_mandatory_keys(\"Adobe/Air_or_Flash_or_Reader/Linux/Installed\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to crash the application,\n denying service to legitimate users.\");\n\n script_tag(name:\"affected\", value:\"Adobe AIR version prior to 1.5.3.9130\n\n Adobe Flash Player 10 version prior to 10.0.45.2 on Windows\");\n\n script_tag(name:\"insight\", value:\"Cross domain vulnerabilities present in Adobe Flash Player/Adobe Air allows\n remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.\");\n\n script_tag(name:\"solution\", value:\"Update to Adobe Air 1.5.3.9130 or Adobe Flash Player 10.0.45.2.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Flash Player/Air and is prone to\n multiple vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nplayerVer = get_kb_item(\"AdobeFlashPlayer/Linux/Ver\");\nif(playerVer)\n{\n if(version_in_range(version:playerVer, test_version:\"10.0\", test_version2:\"10.0.45.1\"))\n {\n report = report_fixed_ver(installed_version:playerVer, vulnerable_range:\"10.0 - 10.0.45.1\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n\nairVer = get_kb_item(\"Adobe/Air/Linux/Ver\");\nif(airVer)\n{\n if(version_is_less(version:airVer, test_version:\"1.5.3.9130\")){\n report = report_fixed_ver(installed_version:airVer, fixed_version:\"1.5.3.9130\");\n security_message(port: 0, data: report);\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-06T13:04:43", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2010-02-18T00:00:00", "type": "openvas", "title": "FreeBSD Ports: linux-flashplugin", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:136141256231066848", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066848", "sourceData": "#\n#VID ff6519ad-18e5-11df-9bdd-001b2134ef46\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID ff6519ad-18e5-11df-9bdd-001b2134ef46\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n linux-flashplugin\n linux-f8-flashplugin\n linux-f10-flashplugin\n\nCVE-2010-0186\nCross-domain vulnerability in Adobe Flash Player before 10.0.45.2 and\nAdobe AIR before 1.5.3.9130 allows remote attackers to bypass intended\nsandbox restrictions and make cross-domain requests via unspecified\nvectors.\n\nCVE-2010-0187\nAdobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130\nallow remote attackers to cause a denial of service (application\ncrash) via a modified SWF file.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.adobe.com/support/security/bulletins/apsb10-06.html\nhttp://www.vuxml.org/freebsd/ff6519ad-18e5-11df-9bdd-001b2134ef46.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66848\");\n script_version(\"$Revision: 8287 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 08:28:11 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-18 21:15:01 +0100 (Thu, 18 Feb 2010)\");\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: linux-flashplugin\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"linux-flashplugin\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.0r262\")<0) {\n txt += 'Package linux-flashplugin version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-f8-flashplugin\");\nif(!isnull(bver) && revcomp(a:bver, b:\"10.0r45\")<0) {\n txt += 'Package linux-f8-flashplugin version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-f10-flashplugin\");\nif(!isnull(bver) && revcomp(a:bver, b:\"10.0r45\")<0) {\n txt += 'Package linux-f10-flashplugin version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-06-02T15:55:19", "description": "This host is installed with Adobe Flash Player/Air and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2010-02-19T00:00:00", "type": "openvas", "title": "Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0186", "CVE-2010-0187"], "modified": "2020-05-28T00:00:00", "id": "OPENVAS:1361412562310800475", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800475", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Flash Player/Air Multiple Vulnerabilities - feb10 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800475\");\n script_version(\"2020-05-28T14:41:23+0000\");\n script_tag(name:\"last_modification\", value:\"2020-05-28 14:41:23 +0000 (Thu, 28 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-02-19 11:58:13 +0100 (Fri, 19 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-0186\", \"CVE-2010-0187\");\n script_bugtraq_id(38198, 38200);\n script_name(\"Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Windows)\");\n script_xref(name:\"URL\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=563819\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb10-06.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Air_or_Flash_or_Reader_or_Acrobat/Win/Installed\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to bypass security\n restrictions.\");\n\n script_tag(name:\"affected\", value:\"Adobe AIR version prior to 1.5.3.9130\n\n Adobe Flash Player 10 version prior to 10.0.45.2 on Windows\");\n\n script_tag(name:\"insight\", value:\"Cross domain vulnerabilities present in Adobe Flash Player/Adobe Air allows\n remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.\");\n\n script_tag(name:\"solution\", value:\"Update to Adobe Air 1.5.3.9130 or Adobe Flash Player 10.0.45.2.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Flash Player/Air and is prone to\n multiple vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ncpe_list = make_list(\"cpe:/a:adobe:flash_player\",\n \"cpe:/a:adobe:adobe_air\");\n\nif(!infos = get_app_version_and_location_from_list(cpe_list:cpe_list, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\ncpe = infos[\"cpe\"];\n\nif(cpe == \"cpe:/a:adobe:flash_player\") {\n if(version_in_range(version:vers, test_version:\"10.0\", test_version2:\"10.0.45.1\")) {\n report = report_fixed_ver(installed_version:vers, vulnerable_range:\"10.0 - 10.0.45.1\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n }\n} else if(cpe == \"cpe:/a:adobe:adobe_air\") {\n if(version_is_less(version:vers, test_version:\"1.5.3.9130\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"1.5.3.9130\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-04-06T11:38:33", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-5350.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-5350 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1381", "CVE-2009-1580", "CVE-2009-1581", "CVE-2008-2379"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064086", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064086", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5350.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5350 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Fri May 22 2009 Michal Hlavinka - 1.4.19-1\n- updated to 1.4.19\n- fixes CVE-2009-1579, CVE-2009-1580, CVE-2009-1581\n* Tue May 19 2009 Michal Hlavinka - 1.4.18-2\n- fix undefined variable aSpamIds (#501260)\n* Tue May 12 2009 Michal Hlavinka - 1.4.18-1\n- updated to 1.4.18\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5350\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-5350.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64086\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\", \"CVE-2008-2379\", \"CVE-2009-1381\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-5350 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=502137\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.19~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:30", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-5350.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-5350 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2009-1381", "CVE-2009-1580", "CVE-2009-1581", "CVE-2008-2379"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64086", "href": "http://plugins.openvas.org/nasl.php?oid=64086", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5350.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5350 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Fri May 22 2009 Michal Hlavinka - 1.4.19-1\n- updated to 1.4.19\n- fixes CVE-2009-1579, CVE-2009-1580, CVE-2009-1581\n* Tue May 19 2009 Michal Hlavinka - 1.4.18-2\n- fix undefined variable aSpamIds (#501260)\n* Tue May 12 2009 Michal Hlavinka - 1.4.18-1\n- updated to 1.4.18\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5350\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-5350.\";\n\n\n\nif(description)\n{\n script_id(64086);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\", \"CVE-2008-2379\", \"CVE-2009-1381\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-5350 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=502137\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.19~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:43", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2010-04-29T00:00:00", "type": "openvas", "title": "Fedora Update for krb5 FEDORA-2010-7130", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0283", "CVE-2010-1320", "CVE-2009-3295", "CVE-2009-4212", "CVE-2010-0628"], "modified": "2017-12-21T00:00:00", "id": "OPENVAS:1361412562310861921", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861921", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for krb5 FEDORA-2010-7130\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"krb5 on Fedora 12\";\ntag_insight = \"Kerberos V5 is a trusted-third-party network authentication system,\n which can improve your network's security by eliminating the insecure\n practice of cleartext passwords.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039860.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861921\");\n script_version(\"$Revision: 8207 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 08:30:12 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-29 13:13:58 +0200 (Thu, 29 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-7130\");\n script_cve_id(\"CVE-2010-1320\", \"CVE-2010-0628\", \"CVE-2010-0283\", \"CVE-2009-4212\", \"CVE-2009-3295\");\n script_name(\"Fedora Update for krb5 FEDORA-2010-7130\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.7.1~7.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:11:11", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2010-04-29T00:00:00", "type": "openvas", "title": "Fedora Update for krb5 FEDORA-2010-7130", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0283", "CVE-2010-1320", "CVE-2009-3295", "CVE-2009-4212", "CVE-2010-0628"], "modified": "2017-12-12T00:00:00", "id": "OPENVAS:861921", "href": "http://plugins.openvas.org/nasl.php?oid=861921", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for krb5 FEDORA-2010-7130\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"krb5 on Fedora 12\";\ntag_insight = \"Kerberos V5 is a trusted-third-party network authentication system,\n which can improve your network's security by eliminating the insecure\n practice of cleartext passwords.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039860.html\");\n script_id(861921);\n script_version(\"$Revision: 8082 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-12 07:31:24 +0100 (Tue, 12 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-29 13:13:58 +0200 (Thu, 29 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-7130\");\n script_cve_id(\"CVE-2010-1320\", \"CVE-2010-0628\", \"CVE-2010-0283\", \"CVE-2009-4212\", \"CVE-2009-3295\");\n script_name(\"Fedora Update for krb5 FEDORA-2010-7130\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.7.1~7.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-03-03T21:01:31", "description": "CUPS Web Interface is prone to Multiple Vulnerabilities.\n\n 1. A remote information-disclosure vulnerability. This\n issue affects the CUPS web interface component.\n\n Remote attackers can exploit this issue to obtain sensitive\n information that may lead to further attacks.\n\n 2. A cross-site request-forgery vulnerability.\n\n Attackers can exploit this issue to perform certain administrative\n actions and gain unauthorized access to the affected application.", "cvss3": {}, "published": "2010-06-22T00:00:00", "type": "openvas", "title": "CUPS Web Interface Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-1748"], "modified": "2020-02-28T00:00:00", "id": "OPENVAS:1361412562310100687", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100687", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CUPS Web Interface Multiple Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:cups\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100687\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-06-22 12:10:21 +0200 (Tue, 22 Jun 2010)\");\n script_bugtraq_id(40897, 40889);\n script_cve_id(\"CVE-2010-1748\", \"CVE-2010-0540\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_name(\"CUPS Web Interface Multiple Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_dependencies(\"secpod_cups_detect.nasl\");\n script_require_ports(\"Services/www\", 631);\n script_mandatory_keys(\"CUPS/installed\");\n\n script_xref(name:\"URL\", value:\"https://www.securityfocus.com/bid/40897\");\n script_xref(name:\"URL\", value:\"http://cups.org/articles.php?L596\");\n\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"CUPS Web Interface is prone to Multiple Vulnerabilities.\n\n 1. A remote information-disclosure vulnerability. This\n issue affects the CUPS web interface component.\n\n Remote attackers can exploit this issue to obtain sensitive\n information that may lead to further attacks.\n\n 2. A cross-site request-forgery vulnerability.\n\n Attackers can exploit this issue to perform certain administrative\n actions and gain unauthorized access to the affected application.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos[\"version\"];\nif( vers !~ \"[0-9]+\\.[0-9]+\\.[0-9]+\")\n exit( 0 ); # Version is not exact enough\n\npath = infos[\"location\"];\n\nif(version_is_less( version:vers, test_version:\"1.4.4\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"1.4.4\", install_path:path );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2017-12-14T11:48:28", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2010-17615", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2941", "CVE-2010-0302", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2017-12-13T00:00:00", "id": "OPENVAS:862570", "href": "http://plugins.openvas.org/nasl.php?oid=862570", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2010-17615\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 13\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX® operating systems. It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html\");\n script_id(862570);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-17615\");\n script_cve_id(\"CVE-2010-2941\", \"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-0302\");\n script_name(\"Fedora Update for cups FEDORA-2010-17615\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.4~11.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:08", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2010-17615", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2941", "CVE-2010-0302", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:1361412562310862570", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862570", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2010-17615\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 13\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX® operating systems. It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862570\");\n script_version(\"$Revision: 8246 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 08:29:20 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-17615\");\n script_cve_id(\"CVE-2010-2941\", \"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-0302\");\n script_name(\"Fedora Update for cups FEDORA-2010-17615\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.4~11.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-20T13:18:04", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-07-30T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2010-10101", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0302", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542", "CVE-2009-3553"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:862286", "href": "http://plugins.openvas.org/nasl.php?oid=862286", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2010-10101\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 12\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX® operating systems. It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044567.html\");\n script_id(862286);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-30 15:25:34 +0200 (Fri, 30 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-10101\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-0302\", \"CVE-2009-3553\");\n script_name(\"Fedora Update for cups FEDORA-2010-10101\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.4~5.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:26", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-06-28T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2010-10066", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0302", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542", "CVE-2009-3553"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:862205", "href": "http://plugins.openvas.org/nasl.php?oid=862205", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2010-10066\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 11\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX® operating systems. It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043435.html\");\n script_id(862205);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-28 09:16:14 +0200 (Mon, 28 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-10066\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-0302\", \"CVE-2009-3553\");\n script_name(\"Fedora Update for cups FEDORA-2010-10066\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.4~4.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-22T13:05:49", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-06-28T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2010-10066", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0302", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542", "CVE-2009-3553"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:1361412562310862205", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862205", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2010-10066\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 11\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX® operating systems. It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043435.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862205\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-28 09:16:14 +0200 (Mon, 28 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-10066\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-0302\", \"CVE-2009-3553\");\n script_name(\"Fedora Update for cups FEDORA-2010-10066\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.4~4.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-17T11:05:31", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-07-30T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2010-10101", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0302", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542", "CVE-2009-3553"], "modified": "2018-01-16T00:00:00", "id": "OPENVAS:1361412562310862286", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862286", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2010-10101\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 12\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX® operating systems. It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044567.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862286\");\n script_version(\"$Revision: 8438 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-16 18:38:23 +0100 (Tue, 16 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-30 15:25:34 +0200 (Fri, 30 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-10101\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-0302\", \"CVE-2009-3553\");\n script_name(\"Fedora Update for cups FEDORA-2010-10101\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.4~5.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:34", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-5471.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-5471 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2008-3663", "CVE-2009-1381", "CVE-2009-1580", "CVE-2009-1581", "CVE-2008-2379"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064085", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064085", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5471.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5471 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Fri May 22 2009 Michal Hlavinka - 1.4.19-1\n- updated to 1.4.19\n- fixes CVE-2009-1579, CVE-2009-1580, CVE-2009-1581\n* Tue May 19 2009 Michal Hlavinka - 1.4.18-2\n- fix undefined variable aSpamIds (#501260)\n* Tue May 12 2009 Michal Hlavinka - 1.4.18-1\n- update to 1.4.18 (fixes CVE-2009-1581)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5471\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-5471.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64085\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\", \"CVE-2008-2379\", \"CVE-2008-3663\", \"CVE-2009-1381\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-5471 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=502137\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.19~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:09", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-5471.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-5471 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1579", "CVE-2008-3663", "CVE-2009-1381", "CVE-2009-1580", "CVE-2009-1581", "CVE-2008-2379"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64085", "href": "http://plugins.openvas.org/nasl.php?oid=64085", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5471.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5471 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ChangeLog:\n\n* Fri May 22 2009 Michal Hlavinka - 1.4.19-1\n- updated to 1.4.19\n- fixes CVE-2009-1579, CVE-2009-1580, CVE-2009-1581\n* Tue May 19 2009 Michal Hlavinka - 1.4.18-2\n- fix undefined variable aSpamIds (#501260)\n* Tue May 12 2009 Michal Hlavinka - 1.4.18-1\n- update to 1.4.18 (fixes CVE-2009-1581)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5471\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-5471.\";\n\n\n\nif(description)\n{\n script_id(64085);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\", \"CVE-2008-2379\", \"CVE-2008-3663\", \"CVE-2009-1381\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-5471 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=502137\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.19~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-18T10:58:19", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2010-05-28T00:00:00", "type": "openvas", "title": "Fedora Update for krb5 FEDORA-2010-8805", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0283", "CVE-2010-1320", "CVE-2010-1321", "CVE-2009-3295", "CVE-2009-4212", "CVE-2010-0628"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:861973", "href": "http://plugins.openvas.org/nasl.php?oid=861973", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for krb5 FEDORA-2010-8805\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"krb5 on Fedora 12\";\ntag_insight = \"Kerberos V5 is a trusted-third-party network authentication system,\n which can improve your network's security by eliminating the insecure\n practice of cleartext passwords.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041654.html\");\n script_id(861973);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-28 10:00:59 +0200 (Fri, 28 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-8805\");\n script_cve_id(\"CVE-2010-1321\", \"CVE-2010-1320\", \"CVE-2010-0628\", \"CVE-2010-0283\", \"CVE-2009-4212\", \"CVE-2009-3295\");\n script_name(\"Fedora Update for krb5 FEDORA-2010-8805\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.7.1~9.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-11T11:04:37", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2010-05-28T00:00:00", "type": "openvas", "title": "Fedora Update for krb5 FEDORA-2010-8805", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0283", "CVE-2010-1320", "CVE-2010-1321", "CVE-2009-3295", "CVE-2009-4212", "CVE-2010-0628"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:1361412562310861973", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861973", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for krb5 FEDORA-2010-8805\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"krb5 on Fedora 12\";\ntag_insight = \"Kerberos V5 is a trusted-third-party network authentication system,\n which can improve your network's security by eliminating the insecure\n practice of cleartext passwords.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041654.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861973\");\n script_version(\"$Revision: 8356 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 09:00:39 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-28 10:00:59 +0200 (Fri, 28 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-8805\");\n script_cve_id(\"CVE-2010-1321\", \"CVE-2010-1320\", \"CVE-2010-0628\", \"CVE-2010-0283\", \"CVE-2009-4212\", \"CVE-2009-3295\");\n script_name(\"Fedora Update for krb5 FEDORA-2010-8805\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.7.1~9.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-20T13:17:54", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2010-17627", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2941", "CVE-2010-0302", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542", "CVE-2009-3553"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:862562", "href": "http://plugins.openvas.org/nasl.php?oid=862562", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2010-17627\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 12\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX® operating systems. It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html\");\n script_id(862562);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-17627\");\n script_cve_id(\"CVE-2010-2941\", \"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-0302\", \"CVE-2009-3553\");\n script_name(\"Fedora Update for cups FEDORA-2010-17627\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.4~11.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-18T11:04:44", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "Fedora Update for cups FEDORA-2010-17627", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2941", "CVE-2010-0302", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542", "CVE-2009-3553"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:1361412562310862562", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862562", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2010-17627\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 12\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX® operating systems. It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862562\");\n script_version(\"$Revision: 8440 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 08:58:46 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-17627\");\n script_cve_id(\"CVE-2010-2941\", \"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-0302\", \"CVE-2009-3553\");\n script_name(\"Fedora Update for cups FEDORA-2010-17627\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.4~11.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:49:02", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2010-03-02T00:00:00", "type": "openvas", "title": "Fedora Update for krb5 FEDORA-2010-1722", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0283", "CVE-2009-3295", "CVE-2009-4212"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:861626", "href": "http://plugins.openvas.org/nasl.php?oid=861626", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for krb5 FEDORA-2010-1722\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"krb5 on Fedora 12\";\ntag_insight = \"Kerberos V5 is a trusted-third-party network authentication system,\n which can improve your network's security by eliminating the insecure\n practice of cleartext passwords.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035222.html\");\n script_id(861626);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-1722\");\n script_cve_id(\"CVE-2010-0283\", \"CVE-2009-4212\", \"CVE-2009-3295\");\n script_name(\"Fedora Update for krb5 FEDORA-2010-1722\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.7.1~2.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:54", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2010-03-02T00:00:00", "type": "openvas", "title": "Fedora Update for krb5 FEDORA-2010-1722", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0283", "CVE-2009-3295", "CVE-2009-4212"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:1361412562310861626", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861626", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for krb5 FEDORA-2010-1722\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"krb5 on Fedora 12\";\ntag_insight = \"Kerberos V5 is a trusted-third-party network authentication system,\n which can improve your network's security by eliminating the insecure\n practice of cleartext passwords.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035222.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861626\");\n script_version(\"$Revision: 8254 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 08:29:05 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-1722\");\n script_cve_id(\"CVE-2010-0283\", \"CVE-2009-4212\", \"CVE-2009-3295\");\n script_name(\"Fedora Update for krb5 FEDORA-2010-1722\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.7.1~2.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:17:41", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-952-1", "cvss3": {}, "published": "2010-06-25T00:00:00", "type": "openvas", "title": "Ubuntu Update for cups, cupsys vulnerabilities USN-952-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840447", "href": "http://plugins.openvas.org/nasl.php?oid=840447", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_952_1.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for cups, cupsys vulnerabilities USN-952-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Adrian Pastor and Tim Starling discovered that the CUPS web interface\n incorrectly protected against cross-site request forgery (CSRF) attacks. If\n an authenticated user were tricked into visiting a malicious website while\n logged into CUPS, a remote attacker could modify the CUPS configuration and\n possibly steal confidential data. (CVE-2010-0540)\n\n It was discovered that CUPS did not properly handle memory allocations in\n the texttops filter. If a user or automated system were tricked into\n printing a crafted text file, a remote attacker could cause a denial of\n service or possibly execute arbitrary code with privileges of the CUPS user\n (lp). (CVE-2010-0542)\n \n Luca Carettoni discovered that the CUPS web interface incorrectly handled\n form variables. A remote attacker who had access to the CUPS web interface\n could use this flaw to read a limited amount of memory from the cupsd\n process and possibly obtain confidential data. (CVE-2010-1748)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-952-1\";\ntag_affected = \"cups, cupsys vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.04 ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-952-1/\");\n script_id(840447);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-25 12:25:26 +0200 (Fri, 25 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"952-1\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_name(\"Ubuntu Update for cups, cupsys vulnerabilities USN-952-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cups-bsd\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-client\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-dbg\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcups2-dev\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcups2\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupscgi1-dev\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupscgi1\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsdriver1-dev\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsdriver1\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsmime1-dev\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsmime1\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsppdc1-dev\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsppdc1\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-ppdc\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-common\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-dbg\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsddk\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-common\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2-dev\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2-gnutls10\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cups-bsd\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-client\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-dbg\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcups2-dev\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcups2\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupscgi1-dev\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupscgi1\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsdriver1-dev\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsdriver1\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsmime1-dev\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsmime1\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsppdc1-dev\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsppdc1\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-ppdc\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-common\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-dbg\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsddk\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-common\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cups-bsd\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-client\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-dbg\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcups2-dev\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcups2\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-common\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-dbg\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2-dev\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-common\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2-dev\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-common\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-20T13:18:05", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-08-20T00:00:00", "type": "openvas", "title": "CentOS Update for cups CESA-2010:0490 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:880407", "href": "http://plugins.openvas.org/nasl.php?oid=880407", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for cups CESA-2010:0490 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Common UNIX Printing System (CUPS) provides a portable printing layer\n for UNIX operating systems. The CUPS "texttops" filter converts text files\n to PostScript.\n\n A missing memory allocation failure check flaw, leading to a NULL pointer\n dereference, was found in the CUPS "texttops" filter. An attacker could\n create a malicious text file that would cause "texttops" to crash or,\n potentially, execute arbitrary code as the "lp" user if the file was\n printed. (CVE-2010-0542)\n\n A Cross-Site Request Forgery (CSRF) issue was found in the CUPS web\n interface. If a remote attacker could trick a user, who is logged into the\n CUPS web interface as an administrator, into visiting a specially-crafted\n website, the attacker could reconfigure and disable CUPS, and gain access\n to print jobs and system files. (CVE-2010-0540)\n\n Note: As a result of the fix for CVE-2010-0540, cookies must now be enabled\n in your web browser to use the CUPS web interface.\n\n An uninitialized memory read issue was found in the CUPS web interface. If\n an attacker had access to the CUPS web interface, they could use a\n specially-crafted URL to leverage this flaw to read a limited amount of\n memory from the cupsd process, possibly obtaining sensitive information.\n (CVE-2010-1748)\n\n Red Hat would like to thank the Apple Product Security team for responsibly\n reporting these issues. Upstream acknowledges regenrecht as the original\n reporter of CVE-2010-0542; Adrian 'pagvac' Pastor of GNUCITIZEN and Tim\n Starling as the original reporters of CVE-2010-0540; and Luca Carettoni as\n the original reporter of CVE-2010-1748.\n\n Users of cups are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing this\n update, the cupsd daemon will be restarted automatically.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"cups on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-August/016914.html\");\n script_id(880407);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-20 14:57:11 +0200 (Fri, 20 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0490\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_name(\"CentOS Update for cups CESA-2010:0490 centos3 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.1.17~13.3.65\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.1.17~13.3.65\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.1.17~13.3.65\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:40", "description": "The remote host is missing an update as announced\nvia advisory SSA:2010-176-05.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2010-176-05 cups", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231068166", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068166", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2010_176_05.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68166\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2010-176-05 cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK13\\.1\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2010-176-05\");\n\n script_tag(name:\"insight\", value:\"New cups packages are available for Slackware 13.1 and -current to\nfix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2010-176-05.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"cups\", ver:\"1.4.4-i486-1_slack13.1\", rls:\"SLK13.1\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for cups CESA-2010:0490 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880585", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880585", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for cups CESA-2010:0490 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2010-June/016735.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880585\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2010:0490\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_name(\"CentOS Update for cups CESA-2010:0490 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'cups'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"cups on CentOS 5\");\n script_tag(name:\"insight\", value:\"The Common UNIX Printing System (CUPS) provides a portable printing layer\n for UNIX operating systems. The CUPS 'texttops' filter converts text files\n to PostScript.\n\n A missing memory allocation failure check flaw, leading to a NULL pointer\n dereference, was found in the CUPS 'texttops' filter. An attacker could\n create a malicious text file that would cause 'texttops' to crash or,\n potentially, execute arbitrary code as the 'lp' user if the file was\n printed. (CVE-2010-0542)\n\n A Cross-Site Request Forgery (CSRF) issue was found in the CUPS web\n interface. If a remote attacker could trick a user, who is logged into the\n CUPS web interface as an administrator, into visiting a specially-crafted\n website, the attacker could reconfigure and disable CUPS, and gain access\n to print jobs and system files. (CVE-2010-0540)\n\n Note: As a result of the fix for CVE-2010-0540, cookies must now be enabled\n in your web browser to use the CUPS web interface.\n\n An uninitialized memory read issue was found in the CUPS web interface. If\n an attacker had access to the CUPS web interface, they could use a\n specially-crafted URL to leverage this flaw to read a limited amount of\n memory from the cupsd process, possibly obtaining sensitive information.\n (CVE-2010-1748)\n\n Red Hat would like to thank the Apple Product Security team for responsibly\n reporting these issues. Upstream acknowledges regenrecht as the original\n reporter of CVE-2010-0542 Adrian 'pagvac' Pastor of GNUCITIZEN and Tim\n Starling as the original reporters of CVE-2010-0540, and Luca Carettoni as\n the original reporter of CVE-2010-1748.\n\n Users of cups are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing this\n update, the cupsd daemon will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~18.el5_5.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~18.el5_5.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~18.el5_5.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-lpd\", rpm:\"cups-lpd~1.3.7~18.el5_5.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-17T11:05:32", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-08-20T00:00:00", "type": "openvas", "title": "CentOS Update for cups CESA-2010:0490 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2018-01-16T00:00:00", "id": "OPENVAS:1361412562310880407", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880407", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for cups CESA-2010:0490 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Common UNIX Printing System (CUPS) provides a portable printing layer\n for UNIX operating systems. The CUPS "texttops" filter converts text files\n to PostScript.\n\n A missing memory allocation failure check flaw, leading to a NULL pointer\n dereference, was found in the CUPS "texttops" filter. An attacker could\n create a malicious text file that would cause "texttops" to crash or,\n potentially, execute arbitrary code as the "lp" user if the file was\n printed. (CVE-2010-0542)\n\n A Cross-Site Request Forgery (CSRF) issue was found in the CUPS web\n interface. If a remote attacker could trick a user, who is logged into the\n CUPS web interface as an administrator, into visiting a specially-crafted\n website, the attacker could reconfigure and disable CUPS, and gain access\n to print jobs and system files. (CVE-2010-0540)\n\n Note: As a result of the fix for CVE-2010-0540, cookies must now be enabled\n in your web browser to use the CUPS web interface.\n\n An uninitialized memory read issue was found in the CUPS web interface. If\n an attacker had access to the CUPS web interface, they could use a\n specially-crafted URL to leverage this flaw to read a limited amount of\n memory from the cupsd process, possibly obtaining sensitive information.\n (CVE-2010-1748)\n\n Red Hat would like to thank the Apple Product Security team for responsibly\n reporting these issues. Upstream acknowledges regenrecht as the original\n reporter of CVE-2010-0542; Adrian 'pagvac' Pastor of GNUCITIZEN and Tim\n Starling as the original reporters of CVE-2010-0540; and Luca Carettoni as\n the original reporter of CVE-2010-1748.\n\n Users of cups are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing this\n update, the cupsd daemon will be restarted automatically.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"cups on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-August/016914.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880407\");\n script_version(\"$Revision: 8438 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-16 18:38:23 +0100 (Tue, 16 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-20 14:57:11 +0200 (Fri, 20 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0490\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_name(\"CentOS Update for cups CESA-2010:0490 centos3 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.1.17~13.3.65\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.1.17~13.3.65\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.1.17~13.3.65\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:51:07", "description": "The remote host is missing an update as announced\nvia advisory SSA:2010-176-05.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2010-176-05 cups ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:68166", "href": "http://plugins.openvas.org/nasl.php?oid=68166", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2010_176_05.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New cups packages are available for Slackware 13.1 and -current to\nfix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2010-176-05.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2010-176-05\";\n \nif(description)\n{\n script_id(68166);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n script_name(\"Slackware Advisory SSA:2010-176-05 cups \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"cups\", ver:\"1.4.4-i486-1_slack13.1\", rls:\"SLK13.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-18T10:57:50", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-06-18T00:00:00", "type": "openvas", "title": "RedHat Update for cups RHSA-2010:0490-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:870279", "href": "http://plugins.openvas.org/nasl.php?oid=870279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for cups RHSA-2010:0490-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Common UNIX Printing System (CUPS) provides a portable printing layer\n for UNIX operating systems. The CUPS "texttops" filter converts text files\n to PostScript.\n\n A missing memory allocation failure check flaw, leading to a NULL pointer\n dereference, was found in the CUPS "texttops" filter. An attacker could\n create a malicious text file that would cause "texttops" to crash or,\n potentially, execute arbitrary code as the "lp" user if the file was\n printed. (CVE-2010-0542)\n \n A Cross-Site Request Forgery (CSRF) issue was found in the CUPS web\n interface. If a remote attacker could trick a user, who is logged into the\n CUPS web interface as an administrator, into visiting a specially-crafted\n website, the attacker could reconfigure and disable CUPS, and gain access\n to print jobs and system files. (CVE-2010-0540)\n \n Note: As a result of the fix for CVE-2010-0540, cookies must now be enabled\n in your web browser to use the CUPS web interface.\n \n An uninitialized memory read issue was found in the CUPS web interface. If\n an attacker had access to the CUPS web interface, they could use a\n specially-crafted URL to leverage this flaw to read a limited amount of\n memory from the cupsd process, possibly obtaining sensitive information.\n (CVE-2010-1748)\n \n Red Hat would like to thank the Apple Product Security team for responsibly\n reporting these issues. Upstream acknowledges regenrecht as the original\n reporter of CVE-2010-0542; Adrian 'pagvac' Pastor of GNUCITIZEN and Tim\n Starling as the original reporters of CVE-2010-0540; and Luca Carettoni as\n the original reporter of CVE-2010-1748.\n \n Users of cups are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing this\n update, the cupsd daemon will be restarted automatically.\";\n\ntag_affected = \"cups on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-June/msg00013.html\");\n script_id(870279);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-18 17:26:33 +0200 (Fri, 18 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0490-01\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_name(\"RedHat Update for cups RHSA-2010:0490-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~18.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-debuginfo\", rpm:\"cups-debuginfo~1.3.7~18.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~18.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~18.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-lpd\", rpm:\"cups-lpd~1.3.7~18.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.1.22~0.rc1.9.32.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-debuginfo\", rpm:\"cups-debuginfo~1.1.22~0.rc1.9.32.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.1.22~0.rc1.9.32.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.1.22~0.rc1.9.32.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.1.17~13.3.65\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-debuginfo\", rpm:\"cups-debuginfo~1.1.17~13.3.65\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.1.17~13.3.65\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.1.17~13.3.65\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:01", "description": "Oracle Linux Local Security Checks ELSA-2010-0490", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0490", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122351", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122351", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0490.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122351\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:17:20 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0490\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0490 - cups security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0490\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0490.html\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~18.el5_5.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~18.el5_5.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~18.el5_5.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"cups-lpd\", rpm:\"cups-lpd~1.3.7~18.el5_5.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-06T13:04:47", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-952-1", "cvss3": {}, "published": "2010-06-25T00:00:00", "type": "openvas", "title": "Ubuntu Update for cups, cupsys vulnerabilities USN-952-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:1361412562310840447", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840447", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_952_1.nasl 8274 2018-01-03 07:28:17Z teissa $\n#\n# Ubuntu Update for cups, cupsys vulnerabilities USN-952-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Adrian Pastor and Tim Starling discovered that the CUPS web interface\n incorrectly protected against cross-site request forgery (CSRF) attacks. If\n an authenticated user were tricked into visiting a malicious website while\n logged into CUPS, a remote attacker could modify the CUPS configuration and\n possibly steal confidential data. (CVE-2010-0540)\n\n It was discovered that CUPS did not properly handle memory allocations in\n the texttops filter. If a user or automated system were tricked into\n printing a crafted text file, a remote attacker could cause a denial of\n service or possibly execute arbitrary code with privileges of the CUPS user\n (lp). (CVE-2010-0542)\n \n Luca Carettoni discovered that the CUPS web interface incorrectly handled\n form variables. A remote attacker who had access to the CUPS web interface\n could use this flaw to read a limited amount of memory from the cupsd\n process and possibly obtain confidential data. (CVE-2010-1748)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-952-1\";\ntag_affected = \"cups, cupsys vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.04 ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-952-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840447\");\n script_version(\"$Revision: 8274 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 08:28:17 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-25 12:25:26 +0200 (Fri, 25 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"952-1\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_name(\"Ubuntu Update for cups, cupsys vulnerabilities USN-952-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cups-bsd\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-client\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-dbg\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcups2-dev\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcups2\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupscgi1-dev\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupscgi1\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsdriver1-dev\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsdriver1\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsmime1-dev\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsmime1\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsppdc1-dev\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsppdc1\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-ppdc\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-common\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-dbg\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsddk\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-common\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.4.1-5ubuntu2.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2-dev\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2-gnutls10\", ver:\"1.2.2-0ubuntu0.6.06.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cups-bsd\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-client\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-dbg\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcups2-dev\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcups2\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupscgi1-dev\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupscgi1\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsdriver1-dev\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsdriver1\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsmime1-dev\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsmime1\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsppdc1-dev\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsppdc1\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-ppdc\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-common\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-dbg\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsddk\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-common\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.4.3-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cups-bsd\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-client\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-dbg\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcups2-dev\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcups2\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cups-common\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-dbg\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2-dev\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-common\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2\", ver:\"1.3.9-17ubuntu3.9\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2-dev\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsimage2\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2-dev\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcupsys2\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cupsys-common\", ver:\"1.3.7-1ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-08T12:53:37", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-06-18T00:00:00", "type": "openvas", "title": "RedHat Update for cups RHSA-2010:0490-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:1361412562310870279", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for cups RHSA-2010:0490-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Common UNIX Printing System (CUPS) provides a portable printing layer\n for UNIX operating systems. The CUPS "texttops" filter converts text files\n to PostScript.\n\n A missing memory allocation failure check flaw, leading to a NULL pointer\n dereference, was found in the CUPS "texttops" filter. An attacker could\n create a malicious text file that would cause "texttops" to crash or,\n potentially, execute arbitrary code as the "lp" user if the file was\n printed. (CVE-2010-0542)\n \n A Cross-Site Request Forgery (CSRF) issue was found in the CUPS web\n interface. If a remote attacker could trick a user, who is logged into the\n CUPS web interface as an administrator, into visiting a specially-crafted\n website, the attacker could reconfigure and disable CUPS, and gain access\n to print jobs and system files. (CVE-2010-0540)\n \n Note: As a result of the fix for CVE-2010-0540, cookies must now be enabled\n in your web browser to use the CUPS web interface.\n \n An uninitialized memory read issue was found in the CUPS web interface. If\n an attacker had access to the CUPS web interface, they could use a\n specially-crafted URL to leverage this flaw to read a limited amount of\n memory from the cupsd process, possibly obtaining sensitive information.\n (CVE-2010-1748)\n \n Red Hat would like to thank the Apple Product Security team for responsibly\n reporting these issues. Upstream acknowledges regenrecht as the original\n reporter of CVE-2010-0542; Adrian 'pagvac' Pastor of GNUCITIZEN and Tim\n Starling as the original reporters of CVE-2010-0540; and Luca Carettoni as\n the original reporter of CVE-2010-1748.\n \n Users of cups are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing this\n update, the cupsd daemon will be restarted automatically.\";\n\ntag_affected = \"cups on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-June/msg00013.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870279\");\n script_version(\"$Revision: 8296 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 08:28:01 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-18 17:26:33 +0200 (Fri, 18 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0490-01\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_name(\"RedHat Update for cups RHSA-2010:0490-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~18.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-debuginfo\", rpm:\"cups-debuginfo~1.3.7~18.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~18.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~18.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-lpd\", rpm:\"cups-lpd~1.3.7~18.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.1.22~0.rc1.9.32.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-debuginfo\", rpm:\"cups-debuginfo~1.1.22~0.rc1.9.32.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.1.22~0.rc1.9.32.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.1.22~0.rc1.9.32.el4_8.6\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.1.17~13.3.65\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-debuginfo\", rpm:\"cups-debuginfo~1.1.17~13.3.65\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.1.17~13.3.65\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.1.17~13.3.65\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:24", "description": "Check for the Version of cups", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for cups CESA-2010:0490 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880585", "href": "http://plugins.openvas.org/nasl.php?oid=880585", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for cups CESA-2010:0490 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Common UNIX Printing System (CUPS) provides a portable printing layer\n for UNIX operating systems. The CUPS "texttops" filter converts text files\n to PostScript.\n\n A missing memory allocation failure check flaw, leading to a NULL pointer\n dereference, was found in the CUPS "texttops" filter. An attacker could\n create a malicious text file that would cause "texttops" to crash or,\n potentially, execute arbitrary code as the "lp" user if the file was\n printed. (CVE-2010-0542)\n \n A Cross-Site Request Forgery (CSRF) issue was found in the CUPS web\n interface. If a remote attacker could trick a user, who is logged into the\n CUPS web interface as an administrator, into visiting a specially-crafted\n website, the attacker could reconfigure and disable CUPS, and gain access\n to print jobs and system files. (CVE-2010-0540)\n \n Note: As a result of the fix for CVE-2010-0540, cookies must now be enabled\n in your web browser to use the CUPS web interface.\n \n An uninitialized memory read issue was found in the CUPS web interface. If\n an attacker had access to the CUPS web interface, they could use a\n specially-crafted URL to leverage this flaw to read a limited amount of\n memory from the cupsd process, possibly obtaining sensitive information.\n (CVE-2010-1748)\n \n Red Hat would like to thank the Apple Product Security team for responsibly\n reporting these issues. Upstream acknowledges regenrecht as the original\n reporter of CVE-2010-0542; Adrian 'pagvac' Pastor of GNUCITIZEN and Tim\n Starling as the original reporters of CVE-2010-0540; and Luca Carettoni as\n the original reporter of CVE-2010-1748.\n \n Users of cups are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing this\n update, the cupsd daemon will be restarted automatically.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"cups on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-June/016735.html\");\n script_id(880585);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0490\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\");\n script_name(\"CentOS Update for cups CESA-2010:0490 centos5 i386\");\n\n script_summary(\"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~18.el5_5.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~18.el5_5.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~18.el5_5.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-lpd\", rpm:\"cups-lpd~1.3.7~18.el5_5.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-21T11:32:48", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2010-03-31T00:00:00", "type": "openvas", "title": "Fedora Update for krb5 FEDORA-2010-4677", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0283", "CVE-2009-3295", "CVE-2009-4212", "CVE-2010-0628"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:1361412562310861807", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861807", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for krb5 FEDORA-2010-4677\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"krb5 on Fedora 12\";\ntag_insight = \"Kerberos V5 is a trusted-third-party network authentication system,\n which can improve your network's security by eliminating the insecure\n practice of cleartext passwords.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038129.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861807\");\n script_version(\"$Revision: 8187 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 08:30:09 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-4677\");\n script_cve_id(\"CVE-2010-0628\", \"CVE-2010-0283\", \"CVE-2009-4212\", \"CVE-2009-3295\");\n script_name(\"Fedora Update for krb5 FEDORA-2010-4677\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.7.1~6.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:10:58", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2010-03-31T00:00:00", "type": "openvas", "title": "Fedora Update for krb5 FEDORA-2010-4677", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0283", "CVE-2009-3295", "CVE-2009-4212", "CVE-2010-0628"], "modified": "2017-12-11T00:00:00", "id": "OPENVAS:861807", "href": "http://plugins.openvas.org/nasl.php?oid=861807", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for krb5 FEDORA-2010-4677\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"krb5 on Fedora 12\";\ntag_insight = \"Kerberos V5 is a trusted-third-party network authentication system,\n which can improve your network's security by eliminating the insecure\n practice of cleartext passwords.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038129.html\");\n script_id(861807);\n script_version(\"$Revision: 8068 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-11 07:31:34 +0100 (Mon, 11 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-4677\");\n script_cve_id(\"CVE-2010-0628\", \"CVE-2010-0283\", \"CVE-2009-4212\", \"CVE-2009-3295\");\n script_name(\"Fedora Update for krb5 FEDORA-2010-4677\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.7.1~6.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:34", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "Mandriva Update for cups MDVSA-2010:232 (cups)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2941", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542", "CVE-2010-2431"], "modified": "2017-12-25T00:00:00", "id": "OPENVAS:831252", "href": "http://plugins.openvas.org/nasl.php?oid=831252", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for cups MDVSA-2010:232 (cups)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were discovered and corrected in cups:\n\n Cross-site request forgery (CSRF) vulnerability in the web interface\n in CUPS, allows remote attackers to hijack the authentication of\n administrators for requests that change settings (CVE-2010-0540).\n \n The _WriteProlog function in texttops.c in texttops in the Text Filter\n subsystem in CUPS before 1.4.4 does not check the return values\n of certain calloc calls, which allows remote attackers to cause a\n denial of service (NULL pointer dereference or heap memory corruption)\n or possibly execute arbitrary code via a crafted file (CVE-2010-0542).\n \n The web interface in CUPS, reads uninitialized memory during handling\n of form variables, which allows context-dependent attackers to obtain\n sensitive information from cupsd process memory via unspecified vectors\n (CVE-2010-1748).\n \n The cupsFileOpen function in CUPS before 1.4.4 allows local users,\n with lp group membership, to overwrite arbitrary files via a\n symlink attack on the (1) /var/cache/cups/remote.cache or (2)\n /var/cache/cups/job.cache file (CVE-2010-2431).\n \n ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate\n memory for attribute values with invalid string data types, which\n allows remote attackers to cause a denial of service (use-after-free\n and application crash) or possibly execute arbitrary code via a\n crafted IPP request (CVE-2010-2941).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&products_id=490\n \n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"cups on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-11/msg00026.php\");\n script_id(831252);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:232\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-2431\", \"CVE-2010-2941\");\n script_name(\"Mandriva Update for cups MDVSA-2010:232 (cups)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", rpm:\"libcups2~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", rpm:\"libcups2~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", rpm:\"libcups2~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-25T10:55:14", "description": "Check for the Version of cups", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "Mandriva Update for cups MDVSA-2010:232 (cups)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2941", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542", "CVE-2010-2431"], "modified": "2018-01-24T00:00:00", "id": "OPENVAS:1361412562310831252", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831252", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for cups MDVSA-2010:232 (cups)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were discovered and corrected in cups:\n\n Cross-site request forgery (CSRF) vulnerability in the web interface\n in CUPS, allows remote attackers to hijack the authentication of\n administrators for requests that change settings (CVE-2010-0540).\n \n The _WriteProlog function in texttops.c in texttops in the Text Filter\n subsystem in CUPS before 1.4.4 does not check the return values\n of certain calloc calls, which allows remote attackers to cause a\n denial of service (NULL pointer dereference or heap memory corruption)\n or possibly execute arbitrary code via a crafted file (CVE-2010-0542).\n \n The web interface in CUPS, reads uninitialized memory during handling\n of form variables, which allows context-dependent attackers to obtain\n sensitive information from cupsd process memory via unspecified vectors\n (CVE-2010-1748).\n \n The cupsFileOpen function in CUPS before 1.4.4 allows local users,\n with lp group membership, to overwrite arbitrary files via a\n symlink attack on the (1) /var/cache/cups/remote.cache or (2)\n /var/cache/cups/job.cache file (CVE-2010-2431).\n \n ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate\n memory for attribute values with invalid string data types, which\n allows remote attackers to cause a denial of service (use-after-free\n and application crash) or possibly execute arbitrary code via a\n crafted IPP request (CVE-2010-2941).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&products_id=490\n \n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"cups on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-11/msg00026.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831252\");\n script_version(\"$Revision: 8510 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 08:57:42 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:232\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-2431\", \"CVE-2010-2941\");\n script_name(\"Mandriva Update for cups MDVSA-2010:232 (cups)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", rpm:\"libcups2~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.3.10~0.4mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", rpm:\"libcups2~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.4.1~12.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", rpm:\"libcups2~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.3.10~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:51:11", "description": "The remote host is missing updates announced in\nadvisory GLSA 201207-10.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201207-10 (cups)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2941", "CVE-2010-0302", "CVE-2011-3170", "CVE-2010-2432", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542", "CVE-2009-3553", "CVE-2010-2431", "CVE-2010-0393"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71590", "href": "http://plugins.openvas.org/nasl.php?oid=71590", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been found in CUPS, some of which may\nallow execution of arbitrary code or local privilege escalation.\";\ntag_solution = \"All CUPS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-print/cups-1.4.8-r1'\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since September 03, 2011. It is likely that your system is\n already no longer affected by this issue.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201207-10\nhttp://bugs.gentoo.org/show_bug.cgi?id=295256\nhttp://bugs.gentoo.org/show_bug.cgi?id=308045\nhttp://bugs.gentoo.org/show_bug.cgi?id=325551\nhttp://bugs.gentoo.org/show_bug.cgi?id=380771\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201207-10.\";\n\n \n \nif(description)\n{\n script_id(71590);\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-3553\", \"CVE-2010-0302\", \"CVE-2010-0393\", \"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-2431\", \"CVE-2010-2432\", \"CVE-2010-2941\", \"CVE-2011-3170\");\n script_version(\"$Revision: 6589 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:56 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201207-10 (cups)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-print/cups\", unaffected: make_list(\"ge 1.4.8-r1\"), vulnerable: make_list(\"lt 1.4.8-r1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:21", "description": "The remote host is missing updates announced in\nadvisory GLSA 201207-10.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201207-10 (cups)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2941", "CVE-2010-0302", "CVE-2011-3170", "CVE-2010-2432", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0542", "CVE-2009-3553", "CVE-2010-2431", "CVE-2010-0393"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231071590", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071590", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201207_10.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71590\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-3553\", \"CVE-2010-0302\", \"CVE-2010-0393\", \"CVE-2010-0540\", \"CVE-2010-0542\", \"CVE-2010-1748\", \"CVE-2010-2431\", \"CVE-2010-2432\", \"CVE-2010-2941\", \"CVE-2011-3170\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:56 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201207-10 (cups)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been found in CUPS, some of which may\nallow execution of arbitrary code or local privilege escalation.\");\n script_tag(name:\"solution\", value:\"All CUPS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-print/cups-1.4.8-r1'\n\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since September 03, 2011. It is likely that your system is\n already no longer affected by this issue.\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201207-10\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=295256\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=308045\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=325551\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=380771\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201207-10.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ni

Mac OS X 10.6.x &lt; 10.6.4 Multiple Vulnerabilities

Description

Related

Mac OS X 10.6.x < 10.6.4 Multiple Vulnerabilities