Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)
2017-05-08T00:00:00
ID MACOS_ITUNES_12_6.NASL Type nessus Reporter Tenable Modified 2018-07-14T00:00:00
Description
The version of Apple iTunes installed on the remote macOS or Mac OS X host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :
Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)
Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(100027);
script_version("1.3");
script_cvs_date("Date: 2018/07/14 1:59:37");
script_cve_id(
"CVE-2009-3270",
"CVE-2009-3560",
"CVE-2009-3720",
"CVE-2012-1147",
"CVE-2012-1148",
"CVE-2012-6702",
"CVE-2013-7443",
"CVE-2015-1283",
"CVE-2015-3414",
"CVE-2015-3415",
"CVE-2015-3416",
"CVE-2015-3717",
"CVE-2015-6607",
"CVE-2016-0718",
"CVE-2016-4472",
"CVE-2016-5300",
"CVE-2016-6153"
);
script_bugtraq_id(
36097,
37203,
52379,
74228,
75491,
75973,
76089,
76970,
79354,
90729,
91159,
91483,
91528,
91546
);
script_xref(name:"APPLE-SA", value:"APPLE-SA-2017-03-22-2");
script_xref(name:"EDB-ID", value:"12509");
script_name(english:"Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)");
script_summary(english:"Checks iTunes version.");
script_set_attribute(attribute:"synopsis", value:
"The remote host contains an application that is affected by multiple
vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Apple iTunes installed on the remote macOS or Mac OS X
host is prior to 12.6. It is, therefore, affected by multiple
vulnerabilities :
- Multiple vulnerabilities exist in the expat component,
the most severe of which are remote code execution
vulnerabilities. An unauthenticated, remote attacker can
exploit these vulnerabilities to cause a denial of
service condition or the execution of arbitrary code in
the context of the current user. (CVE-2009-3270,
CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,
CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,
CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)
- Multiple vulnerabilities exist in the SQLite component,
the most severe of which are remote code execution
vulnerabilities. An unauthenticated, remote attacker can
exploit these vulnerabilities by convincing a user to
open a specially crafted file, to cause a denial of
service condition or the execution of arbitrary code in
the context of the current user. (CVE-2013-7443,
CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,
CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.");
script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT207598");
# https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8b01bc68");
script_set_attribute(attribute:"solution", value:
"Upgrade to iTunes version 12.6 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(119, 399);
script_set_attribute(attribute:"vuln_publication_date", value:"2009/01/17");
script_set_attribute(attribute:"patch_publication_date", value:"2017/03/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:itunes");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MacOS X Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.");
script_dependencies("macosx_itunes_detect.nasl");
script_require_keys("Host/MacOSX/Version", "installed_sw/iTunes");
exit(0);
}
include("vcf.inc");
os = get_kb_item("Host/MacOSX/Version");
if (!os) audit(AUDIT_OS_NOT, "Mac OS X");
app_info = vcf::get_app_info(app:"iTunes");
constraints = [{"fixed_version" : "12.6"}];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
{"id": "MACOS_ITUNES_12_6.NASL", "bulletinFamily": "scanner", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)", "description": "The version of Apple iTunes installed on the remote macOS or Mac OS X host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2017-05-08T00:00:00", "modified": "2018-07-14T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=100027", "reporter": "Tenable", "references": ["https://support.apple.com/en-us/HT207598", "http://www.nessus.org/u?8b01bc68"], "cvelist": ["CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2016-4472", "CVE-2013-7443"], "type": "nessus", "lastseen": "2019-02-21T01:30:44", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:apple:itunes"], "cvelist": ["CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2016-4472", "CVE-2013-7443"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "The version of Apple iTunes installed on the remote macOS or Mac OS X\nhost is prior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "edition": 7, "enchantments": {"dependencies": {"modified": "2019-01-16T20:27:05", "references": [{"idList": ["KLA10565"], "type": "kaspersky"}, {"idList": ["RHSA-2009:1625", "RHSA-2015:1635"], "type": "redhat"}, {"idList": ["SUSE-SU-2016:1508-1"], "type": "suse"}, {"idList": ["ELSA-2015-1635", "ELSA-2009-1625"], "type": "oraclelinux"}, {"idList": ["ALAS-2015-591"], "type": "amazon"}, {"idList": ["CVE-2015-3415", "CVE-2015-3717", "CVE-2012-6702", "CVE-2016-6153", "CVE-2015-3416", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2013-7443"], "type": "cve"}, {"idList": ["C9C252F5-2DEF-11E6-AE88-002590263BF5", "DEC3164F-3121-45EF-AF18-BB113AC5082F"], "type": "freebsd"}, {"idList": ["DEBIAN:DSA-3252-1:580AD"], "type": "debian"}, {"idList": ["ASA-201605-22"], "type": "archlinux"}, {"idList": ["GLSA-201701-21", "GLSA-201507-05", "GLSA-201209-06"], "type": "gentoo"}, {"idList": ["USN-3010-1", "USN-2698-1", "USN-3013-1"], "type": "ubuntu"}, {"idList": ["FREEBSD_PKG_DEC3164F312145EFAF18BB113AC5082F.NASL", "CENTOS_RHSA-2015-1635.NASL", "ITUNES_12_6_BANNER.NASL", "UBUNTU_USN-3013-1.NASL", "GENTOO_GLSA-201701-21.NASL", "UBUNTU_USN-2698-1.NASL", "ORACLELINUX_ELSA-2015-1635.NASL", "SLACKWARE_SSA_2016-359-01.NASL", "ITUNES_12_6.NASL", "DEBIAN_DSA-3252.NASL"], "type": "nessus"}, {"idList": ["CESA-2015:1635"], "type": "centos"}, {"idList": ["OPENVAS:703252", "OPENVAS:1361412562310808469", "OPENVAS:1361412562310123027", "OPENVAS:1361412562310810724", "OPENVAS:1361412562310810725", "OPENVAS:1361412562310842395", "OPENVAS:1361412562310842800", "OPENVAS:72423", "OPENVAS:136141256231072423", "OPENVAS:1361412562310882248"], "type": "openvas"}, {"idList": ["SOL65460334", "SOL22232964", "F5:K65460334", "F5:K16950", "SOL15905", "F5:K22232964", "F5:K37236006", "F5:K52320548", "SOL37236006", "F5:K15905"], "type": "f5"}, {"idList": ["CFOUNDRY:21BFDCCE9261A7005B811F988D3B9279"], "type": "cloudfoundry"}, {"idList": ["SECURITYVULNS:VULN:14389", "SECURITYVULNS:DOC:31989"], "type": "securityvulns"}, {"idList": ["SSA-2016-359-01"], "type": "slackware"}]}, "score": {"value": 6.8, "vector": "NONE"}}, "hash": "0fd6200b9e570b09536e12d0d0b11f6744d3f47147bc8a4e3e716f767bcc83da", "hashmap": [{"hash": "c95fcd8e9130e4723dfeb84e1617f09d", "key": "cvelist"}, {"hash": "882cef73d7ce4b4f6aaa9dcbfc958401", "key": "description"}, {"hash": "27ef9bca58799b0d9e064c34f88d8670", "key": "href"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "b35e2baf30acf8b71d3ffbcefc476f98", "key": "sourceData"}, {"hash": "d7a2f84f623d9565d812c51123462905", "key": "modified"}, {"hash": "27d8a19761746030de774a9d86838569", "key": "title"}, {"hash": "984b09a58a62a821e4060abf6c665de7", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "31f20f7720bb8f9a863ba5eb6fe56d78", "key": "cpe"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f9a595bbc8de0c52cd25e6ad538533db", "key": "pluginID"}, {"hash": "b7f2eddbe497dd089eb1af8c3204cb2f", "key": "references"}, {"hash": "9415f91090c2218ae67dd519ff399983", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=100027", "id": "MACOS_ITUNES_12_6.NASL", "lastseen": "2019-01-16T20:27:05", "modified": "2018-07-14T00:00:00", "naslFamily": "MacOS X Local Security Checks", "objectVersion": "1.3", "pluginID": "100027", "published": "2017-05-08T00:00:00", "references": ["https://support.apple.com/en-us/HT207598", "http://www.nessus.org/u?8b01bc68"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100027);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/07/14 1:59:37\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)\");\n script_summary(english:\"Checks iTunes version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote macOS or Mac OS X\nhost is prior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207598\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b01bc68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_itunes_detect.nasl\");\n script_require_keys(\"Host/MacOSX/Version\", \"installed_sw/iTunes\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"iTunes\");\n\nconstraints = [{\"fixed_version\" : \"12.6\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)", "type": "nessus", "viewCount": 3}, "differentElements": ["description"], "edition": 7, "lastseen": "2019-01-16T20:27:05"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:apple:itunes"], "cvelist": ["CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2016-4472", "CVE-2013-7443"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "The version of Apple iTunes installed on the remote macOS or Mac OS X host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "edition": 6, "enchantments": {"score": {"value": 6.8, "vector": "NONE"}}, "hash": "72d80d796a17608e7ee91725e6c7df6655b3390f665389b56b31d9705058f91c", "hashmap": [{"hash": "c95fcd8e9130e4723dfeb84e1617f09d", "key": "cvelist"}, {"hash": "27ef9bca58799b0d9e064c34f88d8670", "key": "href"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "b35e2baf30acf8b71d3ffbcefc476f98", "key": "sourceData"}, {"hash": "d7a2f84f623d9565d812c51123462905", "key": "modified"}, {"hash": "27d8a19761746030de774a9d86838569", "key": "title"}, {"hash": "984b09a58a62a821e4060abf6c665de7", "key": "published"}, {"hash": "186a5c2166ff34e91b827f8799ac74aa", "key": "description"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "31f20f7720bb8f9a863ba5eb6fe56d78", "key": "cpe"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f9a595bbc8de0c52cd25e6ad538533db", "key": "pluginID"}, {"hash": "b7f2eddbe497dd089eb1af8c3204cb2f", "key": "references"}, {"hash": "9415f91090c2218ae67dd519ff399983", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=100027", "id": "MACOS_ITUNES_12_6.NASL", "lastseen": "2018-09-01T23:58:27", "modified": "2018-07-14T00:00:00", "naslFamily": "MacOS X Local Security Checks", "objectVersion": "1.3", "pluginID": "100027", "published": "2017-05-08T00:00:00", "references": ["https://support.apple.com/en-us/HT207598", "http://www.nessus.org/u?8b01bc68"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100027);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/07/14 1:59:37\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)\");\n script_summary(english:\"Checks iTunes version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote macOS or Mac OS X\nhost is prior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207598\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b01bc68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_itunes_detect.nasl\");\n script_require_keys(\"Host/MacOSX/Version\", \"installed_sw/iTunes\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"iTunes\");\n\nconstraints = [{\"fixed_version\" : \"12.6\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)", "type": "nessus", "viewCount": 3}, "differentElements": ["description"], "edition": 6, "lastseen": "2018-09-01T23:58:27"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2016-4472", "CVE-2013-7443"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "The version of Apple iTunes installed on the remote macOS or Mac OS X host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "edition": 1, "hash": "9b46a5e30c7a2a1e9453a013d6e42684f66e3a6c6623c22bdab97881c5a82f74", "hashmap": [{"hash": "c95fcd8e9130e4723dfeb84e1617f09d", "key": "cvelist"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "27ef9bca58799b0d9e064c34f88d8670", "key": "href"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "1c71fb967d0dc58b4abacd09f1c1bef8", "key": "sourceData"}, {"hash": "27d8a19761746030de774a9d86838569", "key": "title"}, {"hash": "984b09a58a62a821e4060abf6c665de7", "key": "published"}, {"hash": "186a5c2166ff34e91b827f8799ac74aa", "key": "description"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "984b09a58a62a821e4060abf6c665de7", "key": "modified"}, {"hash": "f9a595bbc8de0c52cd25e6ad538533db", "key": "pluginID"}, {"hash": "b7f2eddbe497dd089eb1af8c3204cb2f", "key": "references"}, {"hash": "9415f91090c2218ae67dd519ff399983", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=100027", "id": "MACOS_ITUNES_12_6.NASL", "lastseen": "2017-05-09T02:46:54", "modified": "2017-05-08T00:00:00", "naslFamily": "MacOS X Local Security Checks", "objectVersion": "1.2", "pluginID": "100027", "published": "2017-05-08T00:00:00", "references": ["https://support.apple.com/en-us/HT207598", "http://www.nessus.org/u?8b01bc68"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100027);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2017/05/08 16:49:57 $\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546\n );\n script_osvdb_id(\n 58399,\n 59737,\n 60797,\n 80892,\n 80893,\n 80894,\n 120909,\n 120943,\n 120944,\n 122039,\n 123915,\n 124928,\n 138680,\n 139342,\n 140838,\n 151459,\n 154558,\n 154559\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)\");\n script_summary(english:\"Checks iTunes version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote macOS or Mac OS X\nhost is prior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207598\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b01bc68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_itunes_detect.nasl\");\n script_require_keys(\"Host/MacOSX/Version\", \"installed_sw/iTunes\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"iTunes\");\n\nconstraints = [{\"fixed_version\" : \"12.6\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-05-09T02:46:54"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:apple:itunes"], "cvelist": ["CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2016-4472", "CVE-2013-7443"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "The version of Apple iTunes installed on the remote macOS or Mac OS X host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "edition": 3, "enchantments": {"score": {"value": 6.8, "vector": "NONE"}}, "hash": "43a0caadaa1f2b4da3096fd9ab38538f1662db9a049da151e65aa7849494a572", "hashmap": [{"hash": "c95fcd8e9130e4723dfeb84e1617f09d", "key": "cvelist"}, {"hash": "27ef9bca58799b0d9e064c34f88d8670", "key": "href"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "27d8a19761746030de774a9d86838569", "key": "title"}, {"hash": "984b09a58a62a821e4060abf6c665de7", "key": "published"}, {"hash": "186a5c2166ff34e91b827f8799ac74aa", "key": "description"}, {"hash": "8858f5982aeeacd89f2ef1a5c91a8037", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "31f20f7720bb8f9a863ba5eb6fe56d78", "key": "cpe"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "251f7e82e99b45e17b6cf8e939e6b119", "key": "modified"}, {"hash": "f9a595bbc8de0c52cd25e6ad538533db", "key": "pluginID"}, {"hash": "b7f2eddbe497dd089eb1af8c3204cb2f", "key": "references"}, {"hash": "9415f91090c2218ae67dd519ff399983", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=100027", "id": "MACOS_ITUNES_12_6.NASL", "lastseen": "2017-10-29T13:41:58", "modified": "2017-05-10T00:00:00", "naslFamily": "MacOS X Local Security Checks", "objectVersion": "1.3", "pluginID": "100027", "published": "2017-05-08T00:00:00", "references": ["https://support.apple.com/en-us/HT207598", "http://www.nessus.org/u?8b01bc68"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100027);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2017/05/10 13:37:30 $\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546\n );\n script_osvdb_id(\n 58399,\n 59737,\n 60797,\n 80892,\n 80893,\n 80894,\n 120909,\n 120943,\n 120944,\n 122039,\n 123915,\n 124928,\n 138680,\n 139342,\n 140838,\n 151459,\n 154558,\n 154559\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)\");\n script_summary(english:\"Checks iTunes version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote macOS or Mac OS X\nhost is prior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207598\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b01bc68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:X\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_itunes_detect.nasl\");\n script_require_keys(\"Host/MacOSX/Version\", \"installed_sw/iTunes\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"iTunes\");\n\nconstraints = [{\"fixed_version\" : \"12.6\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)", "type": "nessus", "viewCount": 3}, "differentElements": ["modified", "sourceData"], "edition": 3, "lastseen": "2017-10-29T13:41:58"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:apple:itunes"], "cvelist": ["CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2016-4472", "CVE-2013-7443"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "The version of Apple iTunes installed on the remote macOS or Mac OS X host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "edition": 4, "enchantments": {"score": {"value": 6.8, "vector": "NONE"}}, "hash": "72d80d796a17608e7ee91725e6c7df6655b3390f665389b56b31d9705058f91c", "hashmap": [{"hash": "c95fcd8e9130e4723dfeb84e1617f09d", "key": "cvelist"}, {"hash": "27ef9bca58799b0d9e064c34f88d8670", "key": "href"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "b35e2baf30acf8b71d3ffbcefc476f98", "key": "sourceData"}, {"hash": "d7a2f84f623d9565d812c51123462905", "key": "modified"}, {"hash": "27d8a19761746030de774a9d86838569", "key": "title"}, {"hash": "984b09a58a62a821e4060abf6c665de7", "key": "published"}, {"hash": "186a5c2166ff34e91b827f8799ac74aa", "key": "description"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "31f20f7720bb8f9a863ba5eb6fe56d78", "key": "cpe"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f9a595bbc8de0c52cd25e6ad538533db", "key": "pluginID"}, {"hash": "b7f2eddbe497dd089eb1af8c3204cb2f", "key": "references"}, {"hash": "9415f91090c2218ae67dd519ff399983", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=100027", "id": "MACOS_ITUNES_12_6.NASL", "lastseen": "2018-07-15T04:06:36", "modified": "2018-07-14T00:00:00", "naslFamily": "MacOS X Local Security Checks", "objectVersion": "1.3", "pluginID": "100027", "published": "2017-05-08T00:00:00", "references": ["https://support.apple.com/en-us/HT207598", "http://www.nessus.org/u?8b01bc68"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100027);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/07/14 1:59:37\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)\");\n script_summary(english:\"Checks iTunes version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote macOS or Mac OS X\nhost is prior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207598\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b01bc68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_itunes_detect.nasl\");\n script_require_keys(\"Host/MacOSX/Version\", \"installed_sw/iTunes\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"iTunes\");\n\nconstraints = [{\"fixed_version\" : \"12.6\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)", "type": "nessus", "viewCount": 3}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-07-15T04:06:36"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2016-4472", "CVE-2013-7443"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "The version of Apple iTunes installed on the remote macOS or Mac OS X host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "edition": 2, "enchantments": {}, "hash": "d327793adf973f755b172c9603b065142c9b6aa5ec4b72d18f6792f3cff1d4e8", "hashmap": [{"hash": "c95fcd8e9130e4723dfeb84e1617f09d", "key": "cvelist"}, {"hash": "27ef9bca58799b0d9e064c34f88d8670", "key": "href"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "27d8a19761746030de774a9d86838569", "key": "title"}, {"hash": "984b09a58a62a821e4060abf6c665de7", "key": "published"}, {"hash": "186a5c2166ff34e91b827f8799ac74aa", "key": "description"}, {"hash": "8858f5982aeeacd89f2ef1a5c91a8037", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "251f7e82e99b45e17b6cf8e939e6b119", "key": "modified"}, {"hash": "f9a595bbc8de0c52cd25e6ad538533db", "key": "pluginID"}, {"hash": "b7f2eddbe497dd089eb1af8c3204cb2f", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "9415f91090c2218ae67dd519ff399983", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=100027", "id": "MACOS_ITUNES_12_6.NASL", "lastseen": "2017-05-10T18:47:35", "modified": "2017-05-10T00:00:00", "naslFamily": "MacOS X Local Security Checks", "objectVersion": "1.2", "pluginID": "100027", "published": "2017-05-08T00:00:00", "references": ["https://support.apple.com/en-us/HT207598", "http://www.nessus.org/u?8b01bc68"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100027);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2017/05/10 13:37:30 $\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546\n );\n script_osvdb_id(\n 58399,\n 59737,\n 60797,\n 80892,\n 80893,\n 80894,\n 120909,\n 120943,\n 120944,\n 122039,\n 123915,\n 124928,\n 138680,\n 139342,\n 140838,\n 151459,\n 154558,\n 154559\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)\");\n script_summary(english:\"Checks iTunes version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote macOS or Mac OS X\nhost is prior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207598\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b01bc68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:X\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_itunes_detect.nasl\");\n script_require_keys(\"Host/MacOSX/Version\", \"installed_sw/iTunes\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"iTunes\");\n\nconstraints = [{\"fixed_version\" : \"12.6\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)", "type": "nessus", "viewCount": 3}, "differentElements": ["cpe"], "edition": 2, "lastseen": "2017-05-10T18:47:35"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:apple:itunes"], "cvelist": ["CVE-2012-1148", "CVE-2012-1147", "CVE-2015-3415", "CVE-2015-3717", "CVE-2016-5300", "CVE-2015-1283", "CVE-2012-6702", "CVE-2016-0718", "CVE-2016-6153", "CVE-2015-3416", "CVE-2015-3414", "CVE-2009-3720", "CVE-2015-6607", "CVE-2009-3270", "CVE-2009-3560", "CVE-2016-4472", "CVE-2013-7443"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The version of Apple iTunes installed on the remote macOS or Mac OS X host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "edition": 5, "enchantments": {"score": {"value": 6.8, "vector": "NONE"}}, "hash": "ea280251af8ed2e6c5f5b3cbef6a66ff9a9b61255e46be89d85610669b69d68a", "hashmap": [{"hash": "c95fcd8e9130e4723dfeb84e1617f09d", "key": "cvelist"}, {"hash": "27ef9bca58799b0d9e064c34f88d8670", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "b35e2baf30acf8b71d3ffbcefc476f98", "key": "sourceData"}, {"hash": "d7a2f84f623d9565d812c51123462905", "key": "modified"}, {"hash": "27d8a19761746030de774a9d86838569", "key": "title"}, {"hash": "984b09a58a62a821e4060abf6c665de7", "key": "published"}, {"hash": "186a5c2166ff34e91b827f8799ac74aa", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "31f20f7720bb8f9a863ba5eb6fe56d78", "key": "cpe"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f9a595bbc8de0c52cd25e6ad538533db", "key": "pluginID"}, {"hash": "b7f2eddbe497dd089eb1af8c3204cb2f", "key": "references"}, {"hash": "9415f91090c2218ae67dd519ff399983", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=100027", "id": "MACOS_ITUNES_12_6.NASL", "lastseen": "2018-08-30T19:50:40", "modified": "2018-07-14T00:00:00", "naslFamily": "MacOS X Local Security Checks", "objectVersion": "1.3", "pluginID": "100027", "published": "2017-05-08T00:00:00", "references": ["https://support.apple.com/en-us/HT207598", "http://www.nessus.org/u?8b01bc68"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100027);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/07/14 1:59:37\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)\");\n script_summary(english:\"Checks iTunes version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote macOS or Mac OS X\nhost is prior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207598\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b01bc68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_itunes_detect.nasl\");\n script_require_keys(\"Host/MacOSX/Version\", \"installed_sw/iTunes\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"iTunes\");\n\nconstraints = [{\"fixed_version\" : \"12.6\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)", "type": "nessus", "viewCount": 3}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2018-08-30T19:50:40"}], "edition": 8, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "31f20f7720bb8f9a863ba5eb6fe56d78"}, {"key": "cvelist", "hash": "c95fcd8e9130e4723dfeb84e1617f09d"}, {"key": "cvss", "hash": "ed3111898fb94205e2b64cefef5a2081"}, {"key": "description", "hash": "186a5c2166ff34e91b827f8799ac74aa"}, {"key": "href", "hash": "27ef9bca58799b0d9e064c34f88d8670"}, {"key": "modified", "hash": "d7a2f84f623d9565d812c51123462905"}, {"key": "naslFamily", "hash": "9415f91090c2218ae67dd519ff399983"}, {"key": "pluginID", "hash": "f9a595bbc8de0c52cd25e6ad538533db"}, {"key": "published", "hash": "984b09a58a62a821e4060abf6c665de7"}, {"key": "references", "hash": "b7f2eddbe497dd089eb1af8c3204cb2f"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "b35e2baf30acf8b71d3ffbcefc476f98"}, {"key": "title", "hash": "27d8a19761746030de774a9d86838569"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "72d80d796a17608e7ee91725e6c7df6655b3390f665389b56b31d9705058f91c", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310810725", "OPENVAS:1361412562310810724", "OPENVAS:1361412562310842800", "OPENVAS:1361412562310842395", "OPENVAS:1361412562310808469", "OPENVAS:1361412562310808946", "OPENVAS:1361412562310808476", "OPENVAS:136141256231072423", "OPENVAS:1361412562310871431", "OPENVAS:1361412562310123027"]}, {"type": "f5", "idList": ["SOL37236006", "F5:K37236006", "SOL15905", "F5:K15905", "F5:K22232964", "F5:K16950", "SOL22232964", "F5:K65460334", "F5:K52320548", "SOL16950"]}, {"type": "nessus", "idList": ["ITUNES_12_6.NASL", "ITUNES_12_6_BANNER.NASL", "SLACKWARE_SSA_2016-359-01.NASL", "UBUNTU_USN-3013-1.NASL", "GENTOO_GLSA-201701-21.NASL", "UBUNTU_USN-2698-1.NASL", "FEDORA_2016-60889583AB.NASL", "FEDORA_2016-7C6E7A9265.NASL", "FEDORA_2016-0FD6CA526A.NASL", "ORACLELINUX_ELSA-2015-1635.NASL"]}, {"type": "ubuntu", "idList": ["USN-3013-1", "USN-2698-1", "USN-3010-1"]}, {"type": "cve", "idList": ["CVE-2012-6702", "CVE-2013-7443", "CVE-2009-3270", "CVE-2015-6607", "CVE-2015-3717", "CVE-2016-6153", "CVE-2015-3416", "CVE-2016-4472", "CVE-2009-3720", "CVE-2012-1147"]}, {"type": "gentoo", "idList": ["GLSA-201701-21", "GLSA-201507-05", "GLSA-201209-06"]}, {"type": "slackware", "idList": ["SSA-2016-359-01"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3252-1:580AD"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1635"]}, {"type": "redhat", "idList": ["RHSA-2015:1635"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14389", "SECURITYVULNS:DOC:31989"]}, {"type": "kaspersky", "idList": ["KLA10565"]}, {"type": "centos", "idList": ["CESA-2015:1635"]}, {"type": "amazon", "idList": ["ALAS-2015-591"]}, {"type": "freebsd", "idList": ["DEC3164F-3121-45EF-AF18-BB113AC5082F", "C9C252F5-2DEF-11E6-AE88-002590263BF5"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:21BFDCCE9261A7005B811F988D3B9279"]}, {"type": "suse", "idList": ["SUSE-SU-2016:1512-1", "SUSE-SU-2016:1508-1"]}, {"type": "archlinux", "idList": ["ASA-201605-23"]}], "modified": "2019-02-21T01:30:44"}, "score": {"value": 9.0, "vector": "NONE", "modified": "2019-02-21T01:30:44"}, "vulnersScore": 9.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100027);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/07/14 1:59:37\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)\");\n script_summary(english:\"Checks iTunes version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote macOS or Mac OS X\nhost is prior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207598\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b01bc68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_itunes_detect.nasl\");\n script_require_keys(\"Host/MacOSX/Version\", \"installed_sw/iTunes\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"iTunes\");\n\nconstraints = [{\"fixed_version\" : \"12.6\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "naslFamily": "MacOS X Local Security Checks", "pluginID": "100027", "cpe": ["cpe:/a:apple:itunes"], "scheme": null}
{"openvas": [{"lastseen": "2019-05-29T18:34:27", "bulletinFamily": "scanner", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "modified": "2018-10-19T00:00:00", "published": "2017-03-30T00:00:00", "id": "OPENVAS:1361412562310810725", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810725", "title": "Apple iTunes Multiple Vulnerabilities-HT207598 (MACOSX)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_itunes_mult_vuln_HT207598.nasl 11977 2018-10-19 07:28:56Z mmartin $\n#\n# Apple iTunes Multiple Vulnerabilities-HT207598 (MACOSX)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810725\");\n script_version(\"$Revision: 11977 $\");\n script_cve_id(\"CVE-2009-3270\", \"CVE-2009-3560\", \"CVE-2009-3720\", \"CVE-2012-1147\",\n \"CVE-2012-1148\", \"CVE-2012-6702\", \"CVE-2013-7443\", \"CVE-2015-1283\",\n \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\", \"CVE-2015-3717\",\n \"CVE-2015-6607\", \"CVE-2016-0718\", \"CVE-2016-4472\", \"CVE-2016-5300\",\n \"CVE-2016-6153\");\n script_bugtraq_id(74228);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-19 09:28:56 +0200 (Fri, 19 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-30 17:45:29 +0530 (Thu, 30 Mar 2017)\");\n script_name(\"Apple iTunes Multiple Vulnerabilities-HT207598 (MACOSX)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to the multiple\n issues in SQLite and expat\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code, cause unexpected application termination\n and disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Apple iTunes versions before 12.6 on MACOSX\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iTunes 12.6.4 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT207598\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_itunes_detect_macosx.nasl\");\n script_mandatory_keys(\"Apple/iTunes/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"http://www.apple.com/itunes\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ituneVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\n## Check for Apple iTunes vulnerable versions\nif(version_is_less(version:ituneVer, test_version:\"12.6\"))\n{\n report = report_fixed_ver(installed_version:ituneVer, fixed_version:\"12.6\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:33:56", "bulletinFamily": "scanner", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "modified": "2018-10-18T00:00:00", "published": "2017-03-30T00:00:00", "id": "OPENVAS:1361412562310810724", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810724", "title": "Apple iTunes Multiple Vulnerabilities-HT207599 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_itunes_mult_vuln_HT207599.nasl 11959 2018-10-18 10:33:40Z mmartin $\n#\n# Apple iTunes Multiple Vulnerabilities-HT207599 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810724\");\n script_version(\"$Revision: 11959 $\");\n script_cve_id(\"CVE-2009-3270\", \"CVE-2009-3560\", \"CVE-2009-3720\", \"CVE-2012-1147\",\n \"CVE-2012-1148\", \"CVE-2012-6702\", \"CVE-2013-7443\", \"CVE-2015-1283\",\n \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\", \"CVE-2015-3717\",\n \"CVE-2015-6607\", \"CVE-2016-0718\", \"CVE-2016-4472\", \"CVE-2016-5300\",\n \"CVE-2016-6153\", \"CVE-2017-2383\", \"CVE-2017-2463\", \"CVE-2017-2479\",\n \"CVE-2017-2480\", \"CVE-2017-5029\");\n script_bugtraq_id(74228);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-18 12:33:40 +0200 (Thu, 18 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-30 17:37:29 +0530 (Thu, 30 Mar 2017)\");\n script_name(\"Apple iTunes Multiple Vulnerabilities-HT207599 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - A client certificate was sent in plaintext. This issue was addressed\n through improved certificate handling.\n\n - The multiple issues existed in SQLite.\n\n - The multiple issues existed in expat.\n\n - The multiple memory corruption issues were addressed through\n improved memory handling.\n\n - The processing maliciously crafted web content may lead to arbitrary\n code execution.\n\n - The processing maliciously crafted web content may exfiltrate data\n cross-origin.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code, cause unexpected application termination\n and disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Apple iTunes versions before 12.6 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iTunes 12.6.4 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT207599\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_itunes_detection_win_900123.nasl\");\n script_mandatory_keys(\"iTunes/Win/Installed\");\n script_xref(name:\"URL\", value:\"http://www.apple.com/itunes\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!ituneVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\n## Check for Apple iTunes vulnerable versions\nif(version_is_less(version:ituneVer, test_version:\"12.6\"))\n{\n report = report_fixed_ver(installed_version:ituneVer, fixed_version:\"12.6\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:10", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2016-06-21T00:00:00", "id": "OPENVAS:1361412562310842800", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842800", "title": "Ubuntu Update for xmlrpc-c USN-3013-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for xmlrpc-c USN-3013-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842800\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-21 05:47:53 +0200 (Tue, 21 Jun 2016)\");\n script_cve_id(\"CVE-2012-6702\", \"CVE-2016-5300\", \"CVE-2016-0718\", \"CVE-2015-1283\",\n \"CVE-2016-4472\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for xmlrpc-c USN-3013-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xmlrpc-c'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that the Expat code in\n XML-RPC for C and C++ unexpectedly called srand in certain circumstances. This\n could reduce the security of calling applications. (CVE-2012-6702)\n\nIt was discovered that the Expat code in XML-RPC for C and C++ incorrectly\nhandled seeding the random number generator. A remote attacker could\npossibly use this issue to cause a denial of service. (CVE-2016-5300)\n\nGustavo Grieco discovered that the Expat code in XML-RPC for C and C++\nincorrectly handled malformed XML data. If a user or application linked\nagainst XML-RPC for C and C++ were tricked into opening a crafted XML file,\nan attacker could cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-0718)\n\nIt was discovered that the Expat code in XML-RPC for C and C++ incorrectly\nhandled malformed XML data. If a user or application linked against XML-RPC\nfor C and C++ were tricked into opening a crafted XML file, an attacker\ncould cause a denial of service, or possibly execute arbitrary code.\n(CVE-2015-1283, CVE-2016-4472)\");\n script_tag(name:\"affected\", value:\"xmlrpc-c on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3013-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3013-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxmlrpc-c++4\", ver:\"1.16.33-3.1ubuntu5.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libxmlrpc-core-c3\", ver:\"1.16.33-3.1ubuntu5.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:16", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-07-31T00:00:00", "id": "OPENVAS:1361412562310842395", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842395", "title": "Ubuntu Update for sqlite3 USN-2698-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for sqlite3 USN-2698-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842395\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-31 07:21:45 +0200 (Fri, 31 Jul 2015)\");\n script_cve_id(\"CVE-2013-7443\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for sqlite3 USN-2698-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sqlite3'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that SQLite incorrectly handled skip-scan optimization.\nAn attacker could use this issue to cause applications using SQLite to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 14.04 LTS. (CVE-2013-7443)\n\nMichal Zalewski discovered that SQLite incorrectly handled dequoting of\ncollation-sequence names. An attacker could use this issue to cause\napplications using SQLite to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS\nand Ubuntu 15.04. (CVE-2015-3414)\n\nMichal Zalewski discovered that SQLite incorrectly implemented comparison\noperators. An attacker could use this issue to cause applications using\nSQLite to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3415)\n\nMichal Zalewski discovered that SQLite incorrectly handle printf precision\nand width values during floating-point conversions. An attacker could use\nthis issue to cause applications using SQLite to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2015-3416)\");\n script_tag(name:\"affected\", value:\"sqlite3 on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2698-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2698-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.8.2-1ubuntu2.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsqlite3-0\", ver:\"3.7.9-2ubuntu1.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:57", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 201209-06.", "modified": "2018-10-12T00:00:00", "published": "2012-09-26T00:00:00", "id": "OPENVAS:136141256231072423", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231072423", "title": "Gentoo Security Advisory GLSA 201209-06 (expat)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201209_06.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.72423\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2009-3560\", \"CVE-2009-3720\", \"CVE-2012-0876\", \"CVE-2012-1147\", \"CVE-2012-1148\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-26 11:20:49 -0400 (Wed, 26 Sep 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201209-06 (expat)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been found in Expat, possibly\nresulting in Denial of Service.\");\n script_tag(name:\"solution\", value:\"All Expat users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/expat-2.1.0_beta3'\n\n\nPackages which depend on this library may need to be recompiled. Tools\nsuch as revdep-rebuild may assist in identifying some of these\npackages.\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201209-06\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=280615\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=303727\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=407519\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201209-06.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-libs/expat\", unaffected: make_list(\"ge 2.1.0_beta3\"), vulnerable: make_list(\"lt 2.1.0_beta3\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:45", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-06-24T00:00:00", "id": "OPENVAS:1361412562310808476", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808476", "title": "Fedora Update for expat FEDORA-2016-7c6e7a9265", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for expat FEDORA-2016-7c6e7a9265\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808476\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-24 06:37:55 +0200 (Fri, 24 Jun 2016)\");\n script_cve_id(\"CVE-2016-4472\", \"CVE-2016-5300\", \"CVE-2016-0718\", \"CVE-2012-6702\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for expat FEDORA-2016-7c6e7a9265\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'expat'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"expat on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-7c6e7a9265\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RKPDFBR2RD2BT5GEJLXQJARSTHPNSQC\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"expat\", rpm:\"expat~2.1.1~2.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:03", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-08-02T00:00:00", "id": "OPENVAS:1361412562310808946", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808946", "title": "Fedora Update for expat FEDORA-2016-0fd6ca526a", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for expat FEDORA-2016-0fd6ca526a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808946\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-02 10:56:07 +0530 (Tue, 02 Aug 2016)\");\n script_cve_id(\"CVE-2016-4472\", \"CVE-2016-5300\", \"CVE-2016-0718\", \"CVE-2012-6702\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for expat FEDORA-2016-0fd6ca526a\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'expat'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"expat on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-0fd6ca526a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CD3GTWZBZKFU23MWIBTRXLAUTS6OFQUS\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"expat\", rpm:\"expat~2.1.1~2.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:03", "bulletinFamily": "scanner", "description": "Check the version of lemon", "modified": "2019-03-08T00:00:00", "published": "2015-08-18T00:00:00", "id": "OPENVAS:1361412562310882248", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882248", "title": "CentOS Update for lemon CESA-2015:1635 centos7", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for lemon CESA-2015:1635 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882248\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-18 06:49:45 +0200 (Tue, 18 Aug 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for lemon CESA-2015:1635 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of lemon\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"SQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence\nnames. A local attacker could submit a specially crafted COLLATE statement\nthat would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a specially\ncrafted CHECK statement that would crash the SQLite process, or have other\nunspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"lemon on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1635\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-August/021337.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-doc\", rpm:\"sqlite-doc~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite-tcl\", rpm:\"sqlite-tcl~3.7.17~6.el7_1.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:11", "bulletinFamily": "scanner", "description": "Amazon Linux Local Security Checks", "modified": "2018-10-01T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120091", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120091", "title": "Amazon Linux Local Check: ALAS-2015-591", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2015-591.nasl 6575 2017-07-06 13:42:08Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120091\");\n script_version(\"$Revision: 11703 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:11 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 10:05:31 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: ALAS-2015-591\");\n script_tag(name:\"insight\", value:\"A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414 )It was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415 )It was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3416 )\");\n script_tag(name:\"solution\", value:\"Run yum update sqlite to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-591.html\");\n script_cve_id(\"CVE-2015-3415\", \"CVE-2015-3414\", \"CVE-2015-3416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"sqlite-tcl\", rpm:\"sqlite-tcl~3.7.17~6.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"sqlite\", rpm:\"sqlite~3.7.17~6.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"sqlite-devel\", rpm:\"sqlite-devel~3.7.17~6.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.17~6.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"sqlite-doc\", rpm:\"sqlite-doc~3.7.17~6.13.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:21", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-06-20T00:00:00", "id": "OPENVAS:1361412562310808469", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808469", "title": "Fedora Update for expat FEDORA-2016-60889583ab", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for expat FEDORA-2016-60889583ab\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808469\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-20 05:23:21 +0200 (Mon, 20 Jun 2016)\");\n script_cve_id(\"CVE-2016-4472\", \"CVE-2016-5300\", \"CVE-2016-0718\", \"CVE-2012-6702\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for expat FEDORA-2016-60889583ab\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'expat'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"expat on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-60889583ab\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CYOXAWKZFCUUJEYEIX5GY2XI75VQLB7A\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"expat\", rpm:\"expat~2.1.1~2.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "f5": [{"lastseen": "2016-09-26T17:23:22", "bulletinFamily": "software", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you should only permit management access to F5 products over a secure network, and limit shell access to trusted users.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2016-06-07T00:00:00", "published": "2016-06-07T00:00:00", "id": "SOL37236006", "href": "http://support.f5.com/kb/en-us/solutions/public/k/37/sol37236006.html", "type": "f5", "title": "SOL37236006 - SQLite vulnerabilities CVE-2015-3414 and CVE-2015-3415", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-06-08T00:16:24", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned IDs 530250 and 530251 (BIG-IP), ID 530268 (BIG-IQ), ID 530269 (Enterprise Manager), ID 528737 (ARX), and INSTALLER-1609 (Traffix SDC) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nARX| 6.2.0 - 6.4.0*| None| Low| SQLite Strings \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 MobileSafe| None| 1.0.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| 4.0.0 - 4.4.0* \n3.3.2 - 3.5.1*| None| Low| SQLite library \n \n* Although the software of the affected F5 products contain the vulnerable code, the affected F5 products do not use the vulnerable code in a way which exposes the vulnerability in a standard configuration. An attacker must have local shell access to the affected F5 products to trigger an exploit.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability, you should only permit management access to F5 products over a secure network, and limit shell access to trusted users.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2017-03-14T19:55:00", "published": "2016-06-07T21:49:00", "href": "https://support.f5.com/csp/article/K37236006", "id": "F5:K37236006", "title": "SQLite vulnerabilities CVE-2015-3414 and CVE-2015-3415", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-11-09T00:09:44", "bulletinFamily": "software", "description": "Vulnerability Recommended Actions\n\nIf the previous table lists a version in the **Versions known to be not vulnerable **column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2016-07-01T00:00:00", "published": "2014-12-11T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/900/sol15905.html", "id": "SOL15905", "title": "SOL15905 - Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-06-08T02:18:15", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 242353 (BIG-IP) and ID 491424 (F5 WebSafe) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth>) may list Heuristic H495544 on the **Diagnostics** > **Identified** > **High **screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM| 10.1.0| 11.0.0 - 11.6.0 \n10.2.0 - 10.2.4| XML Parsing \nBIG-IP AAM| None| 11.4.0 - 11.6.0| None \nBIG-IP AFM| None| 11.3.0 - 11.6.0| None \nBIG-IP Analytics| None| 11.0.0 - 11.6.0| None \nBIG-IP APM| 10.1.0| 11.0.0 - 11.6.0 \n10.2.0 - 10.2.4| XML Parsing \nBIG-IP ASM| 10.1.0| 11.0.0 - 11.6.0 \n10.2.0 - 10.2.4| XML Parsing \nBIG-IP Edge Gateway| 10.1.0| 11.0.0 - 11.3.0 \n10.2.0 - 10.2.4| XML Parsing \nBIG-IP GTM| 10.1.0| 11.0.0 - 11.6.0 \n10.2.0 - 10.2.4| XML Parsing \nBIG-IP Link Controller| 10.1.0| 11.0.0 - 11.6.0 \n10.2.0 - 10.2.4| XML Parsing \nBIG-IP PEM| None| 11.3.0 - 11.6.0| None \nBIG-IP PSM| 10.1.0| 11.0.0 - 11.4.1 \n10.2.0 - 10.2.4| XML Parsing \nBIG-IP WebAccelerator| 10.1.0| 11.0.0 - 11.3.0 \n10.2.0 - 10.2.4| XML Parsing \nBIG-IP WOM| 10.1.0| 11.0.0 - 11.3.0 \n10.2.0 - 10.2.4| XML Parsing \nARX| None| 6.2.0 - 6.4.0| None \nEnterprise Manager| None| 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| None \nBIG-IQ Cloud| None| 4.0.0 - 4.4.0| None \nBIG-IQ Device| None| 4.2.0 - 4.4.0| None \nBIG-IQ Security| None| 4.0.0 - 4.4.0| None \nLineRate| None| 2.4.0 - 2.5.0 \n1.6.0 - 1.6.4| None \nF5 WebSafe| None| 1.0.0| None\n\nIf the previous table lists a version in the **Versions known to be not vulnerable **column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "modified": "2017-03-17T20:01:00", "published": "2014-12-12T01:48:00", "id": "F5:K15905", "href": "https://support.f5.com/csp/article/K15905", "title": "Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-06-08T02:18:04", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 528541 (ARX) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.1| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebSafe| None| 12.0.0 - 12.1.0 \n11.6.0 - 11.6.1| Not vulnerable| None \nARX| 6.2.0 - 6.4.0| None| Low| Expat XML parser library \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.1.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0 - 2.0.1| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| None| 5.0.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2017-03-14T22:30:00", "published": "2016-10-22T00:06:00", "id": "F5:K22232964", "href": "https://support.f5.com/csp/article/K22232964", "title": "Expat XML library vulnerability CVE-2016-4472", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-06-08T00:16:36", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 530252 (BIG-IP), ID 530268 (BIG-IQ), ID 530269 (Enterprise Manager), ID 528737 (ARX), and INSTALLER-1609 (Traffix SDC) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0* \n11.0.0 - 11.6.0* \n10.1.0 - 10.2.4*| 12.1.0| Low| SQLite \nBIG-IP AAM| 12.0.0* \n11.4.0 - 11.6.0*| 12.1.0| Low| SQLite \nBIG-IP AFM| 12.0.0* \n11.3.0 - 11.6.0*| 12.1.0| Low| SQLite \nBIG-IP Analytics| 12.0.0* \n11.0.0 - 11.6.0*| 12.1.0| Low| SQLite \nBIG-IP APM| 12.0.0* \n11.0.0 - 11.6.0* \n10.1.0 - 10.2.4*| 12.1.0| Low| SQLite \nBIG-IP ASM| 12.0.0* \n11.0.0 - 11.6.0* \n10.1.0 - 10.2.4*| 12.1.0| Low| SQLite \nBIG-IP DNS| 12.0.0*| 12.1.0| Low| SQLite \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0* \n10.1.0 - 10.2.4*| None| Low| SQLite \nBIG-IP GTM| 11.0.0 - 11.6.0* \n10.1.0 - 10.2.4*| None| Low| SQLite \nBIG-IP Link Controller| 12.0.0* \n11.0.0 - 11.6.0* \n10.1.0 - 10.2.4*| 12.1.0| Low| SQLite \nBIG-IP PEM| 12.0.0 \n11.3.0 - 11.6.0*| 12.1.0| Low| SQLite \nBIG-IP PSM| 11.0.0 - 11.4.1* \n10.1.0 - 10.2.4*| None| Low| SQLite \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0* \n10.1.0 - 10.2.4*| None| Low| SQLite \nBIG-IP WOM| 11.0.0 - 11.3.0* \n10.1.0 - 10.2.4*| None| Low| SQLite \nARX| 6.0.0 - 6.4.0*| None| Low| SQL Strings \nEnterprise Manager| 3.0.0 - 3.1.1*| None| Low| SQLite \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0*| None| Low| SQLite \nBIG-IQ Device| 4.2.0 - 4.5.0*| None| Low| SQLite \nBIG-IQ Security| 4.0.0 - 4.5.0*| None| Low| SQLite \nBIG-IQ ADC| 4.5.0*| None| Low| SQLite \nLineRate| None| 2.5.0 - 2.6.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| 4.0.0 - 4.4.0* \n3.3.2 - 3.5.1*| None| Low| SQLite library \n \n**Note**: As of February 17, 2015, AskF5 Security Advisory articles include the **Severity** value. Security Advisory articles published before this date do not list a **Severity** value.\n\n* Although the software of the affected F5 products contain the vulnerable code, the affected F5 products do not use the vulnerable code in a way which exposes the vulnerability in a standard configuration. An attacker must have local shell access to the affected F5 products to trigger an exploit.\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the** Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability, you should only permit management access to F5 products over a secure network, and limit shell access to trusted users. For more information about securing access for BIG-IP, BIG-IQ, and Enterprise Manager systems, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "modified": "2017-03-14T19:54:00", "published": "2015-07-10T22:30:00", "id": "F5:K16950", "href": "https://support.f5.com/csp/article/K16950", "title": "SQLite vulnerability CVE-2015-3416", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-11-09T00:09:51", "bulletinFamily": "software", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2016-10-21T00:00:00", "published": "2016-10-21T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/22/sol22232964.html", "id": "SOL22232964", "type": "f5", "title": "SOL22232964 - Expat XML library vulnerability CVE-2016-4472", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-10-22T22:46:39", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 605579 (BIG-IP), ID 608756 (BIG-IQ), ID 608756-2 (F5 iWorkflow), ID 608757 (Enterprise Manager), and ID 528541 (ARX) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H613627 on the **Diagnostics** > **Identified** > **Low** page.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 12.1.2 - 12.1.3 | 13.0.0 - 13.1.0 \n12.1.3.2 \n12.0.0 - 12.1.1 \n11.4.0 - 11.6.3 \n11.2.1 \n10.2.1 - 10.2.4 | Low | Expat library \nBIG-IP AAM | 12.1.2 - 12.1.3 | 13.0.0 - 13.1.0 \n12.1.3.2 \n12.0.0 - 12.1.1 \n11.4.0 - 11.6.3 | Low | Expat library \nBIG-IP AFM | 12.1.2 - 12.1.3 | 13.0.0 - 13.1.0 \n12.1.3.2 \n12.0.0 - 12.1.1 \n11.4.0 - 11.6.3 | Low | Expat library \nBIG-IP Analytics | 12.1.2 - 12.1.3 | 13.0.0 - 13.1.0 \n12.1.3.2 \n12.0.0 - 12.1.1 \n11.4.0 - 11.6.3 \n11.2.1 | Low | Expat library \nBIG-IP APM | 12.1.2 - 12.1.3 | 13.0.0 - 13.1.0 \n12.1.3.2 \n12.0.0 - 12.1.1 \n11.4.0 - 11.6.3 \n11.2.1 \n10.2.1 - 10.2.4 | Low | Expat library \nBIG-IP ASM | 12.1.2 - 12.1.3 | 13.0.0 - 13.1.0 \n12.1.3.2 \n12.0.0 - 12.1.1 \n11.4.0 - 11.6.3 \n11.2.1 \n10.2.1 - 10.2.4 | Low | Expat library \nBIG-IP DNS | 12.1.2 - 12.1.3 | 13.0.0 - 13.1.0 \n12.1.3.2 \n12.0.0 - 12.1.1 | Low | Expat library \nBIG-IP Edge Gateway | None | 11.2.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP GTM | None | 11.4.0 - 11.6.3 \n11.2.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP Link Controller | 12.1.2 - 12.1.3 | 13.0.0 - 13.1.0 \n12.1.3.2 \n12.0.0 - 12.1.1 \n11.4.0 - 11.6.3 \n11.2.1 \n10.2.1 - 10.2.4 | Low | Expat library \nBIG-IP PEM | 12.1.2 - 12.1.3 | 13.0.0 - 13.1.0 \n12.1.3.2 \n12.0.0 - 12.1.1 \n11.4.0 - 11.6.3 | Low | Expat library \nBIG-IP PSM | None | 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP WebAccelerator | None | 11.2.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP WOM | None | 11.2.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP WebSafe | 12.1.2 - 12.1.3 | 13.0.0 - 13.1.0 \n12.1.3.2 \n12.0.0 - 12.1.1 \n11.6.0 - 11.6.3 | Low | Expat library \nARX | 6.2.0 - 6.4.0 | None | Low | Expat library \nEnterprise Manager | 3.1.1 | None | Low | iControl SOAP, HTTPD, big3d, eventd, Enterprise Manager daemons \nFirePass | None | 7.0.0 | Not vulnerable | None \nBIG-IQ Cloud | 4.0.0 - 4.5.0 | None | Low | iControl SOAP, HTTPD, big3d, eventd \nBIG-IQ Device | 4.2.0 - 4.5.0 | None | Low | iControl SOAP, HTTPD, big3d, eventd \nBIG-IQ Security | 4.0.0 - 4.5.0 | None | Low | iControl SOAP, HTTPD, big3d, eventd \nBIG-IQ ADC | 4.5.0 | None | Low | iControl SOAP, HTTPD, big3d, eventd \nBIG-IQ Centralized Management | 5.0.0 \n4.6.0 | None | Low | iControl SOAP, HTTPD, big3d, eventd \nBIG-IQ Cloud and Orchestration | 1.0.0 | None | Low | iControl SOAP, HTTPD, big3d, eventd \nF5 iWorkflow | 2.0.0 | None | Low | iControl SOAP, HTTPD, big3d, eventd \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nTraffix SDC | 5.0.0 \n4.0.0 - 4.4.0 | None | Low | Expat library\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\nMitigation\n\nTo mitigate this vulnerability for iControl SOAP, you can upgrade the client SDK Expat library to version 2.2.0.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "modified": "2018-06-19T19:07:00", "published": "2016-09-06T20:53:00", "id": "F5:K65460334", "href": "https://support.f5.com/csp/article/K65460334", "title": "Expat XML parser vulnerability CVE-2012-6702", "type": "f5", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-10-22T22:47:05", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned IDs 630446 and 674189 (BIG-IP) and ID 677266 (Enterprise Manager) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H52320548 on the **Diagnostics** > **Identified** > **High** page.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.0 - 11.6.3 \n11.4.1 - 11.5.6 \n11.2.1 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 | High | iControl SOAP, eventd \nBIG-IP AAM | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.0 - 11.6.3 \n11.4.1 - 11.5.6 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 | High | iControl SOAP, eventd \nBIG-IP AFM | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.0 - 11.6.3 \n11.4.1 - 11.5.6 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 | High | iControl SOAP, eventd \nBIG-IP Analytics | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.0 - 11.6.3 \n11.4.1 - 11.5.6 \n11.2.1 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.5.7 | High | iControl SOAP, eventd \nBIG-IP APM | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.0 - 11.6.3 \n11.4.1 - 11.5.6 \n11.2.1 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 | High | iControl SOAP, eventd \nBIG-IP ASM | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.0 - 11.6.3 \n11.4.1 - 11.5.6 \n11.2.1 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 | High | ASM control plane, iControl SOAP, eventd \nBIG-IP DNS | 13.0.0 \n12.0.0 - 12.1.3 | 13.1.0 \n13.0.1 \n12.1.3.2 | High | big3d, gtmd, iControl SOAP, eventd \nBIG-IP Edge Gateway | 11.2.1 | None | High | iControl SOAP, eventd \nBIG-IP GTM | 11.6.0 - 11.6.3 \n11.4.1 - 11.5.6 \n11.2.1 | 11.6.3.2 \n11.5.7 | High | big3d, gtmd, iControl SOAP, eventd \nBIG-IP Link Controller | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.0 - 11.6.3 \n11.4.1 - 11.5.6 \n11.2.1 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 | High | big3d, gtmd, iControl SOAP, eventd \nBIG-IP PEM | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.0 - 11.6.3 \n11.4.1 - 11.5.6 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 | High | iControl SOAP, eventd \nBIG-IP PSM | 11.4.1 | None | High | iControl SOAP, eventd \nBIG-IP WebAccelerator | 11.2.1 | None | High | iControl SOAP, eventd \nBIG-IP WebSafe | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.0 - 11.6.3 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 | High | iControl SOAP, eventd \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | 3.1.1 | None | Medium | iControlPortal.cgi \nBIG-IQ Cloud | None | 4.4.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.4.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.4.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nBIG-IQ Centralized Management | None | 5.0.0 - 5.3.0 \n4.6.0 | Not vulnerable | None \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | Not vulnerable | None \nF5 iWorkflow | None | 2.0.0 - 2.3.0 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.2 | Not vulnerable | None \nTraffix SDC | None | 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0 | Not vulnerable | None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\niControl SOAP, eventd and BIG-IP ASM control plane\n\nTo mitigate this vulnerability for iControl SOAP, the **eventd** process, and the BIG-IP ASM control plane, permit management access to F5 products only over a secure network and restrict command line access for affected systems to trusted users. For more information, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x - 13.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\nbig3d/gtmd\n\nTo mitigate this vulnerability for the **big3d**/**gtmd** process, limit connections to port 4353 to trusted hosts. For more information, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x - 13.x)](<https://support.f5.com/csp/article/K13309>).\n\n**Note**: If you run **big3d_install** on BIG-IP versions prior to 11.5.0, it is possible that you may install a vulnerable version of **big3d** on systems that are running non-vulnerable versions of the BIG-IP system. In this case, upgrade to a fixed version or hotfix, and refer to [K13312: Overview of the BIG-IP DNS big3d_install, bigip_add, and gtm_add utilities (11.x - 13.x)](<https://support.f5.com/csp/article/K13312>) for information about running **big3d_install** to resolve the issue. \n\n**Note**: The iquery protocol used by the BIG-IP DNS system (formerly BIG-IP GTM) also uses port 4353. Ensure that all of the peer devices are included when you limit connections by IP address.\n\n * [K17329: BIG-IP GTM name has changed to BIG-IP DNS](<https://support.f5.com/csp/article/K17329>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n", "modified": "2018-07-24T04:32:00", "published": "2017-09-19T00:55:00", "id": "F5:K52320548", "href": "https://support.f5.com/csp/article/K52320548", "title": "Expat vulnerability CVE-2016-0718", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2016-09-26T17:22:52", "bulletinFamily": "software", "description": "* Although the software of the affected F5 products contain the vulnerable code, the affected F5 products do not use the vulnerable code in a way which exposes the vulnerability in a standard configuration. An attacker must have local shell access to the affected F5 products to trigger an exploit.\n\nVulnerability Recommended Actions\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the** Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you should only permit management access to F5 products over a secure network, and limit shell access to trusted users. For more information about securing access for BIG-IP, BIG-IQ, and Enterprise Manager systems, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x) and SOL13092: Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2016-06-07T00:00:00", "published": "2015-07-10T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/900/sol16950.html", "id": "SOL16950", "title": "SOL16950 - SQLite vulnerability CVE-2015-3416", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:30:44", "bulletinFamily": "scanner", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\n - An information disclosure vulnerability exists in the APNs server component due to client certificates being transmitted in cleartext. A man-in-the-middle attacker can exploit this to disclose sensitive information.\n (CVE-2017-2383)\n\n - A use-after-free error exists in the WebKit component due to improper handling of RenderBox objects. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-2463)\n\n - Multiple universal cross-site scripting (XSS) vulnerabilities exist in the WebKit component due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these vulnerabilities, by convincing a user to visit a specially crafted web page, to execute arbitrary script code in a user's browser session. (CVE-2017-2479, CVE-2017-2480, CVE-2017-2493)\n\n - An integer overflow condition exists in the libxslt component in the xsltAddTextString() function in transform.c due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause an out-of-bounds write, resulting in the execution of arbitrary code. (CVE-2017-5029)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "modified": "2018-07-12T00:00:00", "id": "ITUNES_12_6.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=100025", "published": "2017-05-08T00:00:00", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (credentialed check)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100025);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/07/12 19:01:17\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\",\n \"CVE-2017-2383\",\n \"CVE-2017-2463\",\n \"CVE-2017-2479\",\n \"CVE-2017-2480\",\n \"CVE-2017-5029\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546,\n 96767,\n 97175,\n 97176\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-1\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-28-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks the version of iTunes on Windows.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is\nprior to 12.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\n - An information disclosure vulnerability exists in the\n APNs server component due to client certificates being\n transmitted in cleartext. A man-in-the-middle attacker\n can exploit this to disclose sensitive information.\n (CVE-2017-2383)\n\n - A use-after-free error exists in the WebKit component\n due to improper handling of RenderBox objects. An\n unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2017-2463)\n\n - Multiple universal cross-site scripting (XSS)\n vulnerabilities exist in the WebKit component due to\n improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit these\n vulnerabilities, by convincing a user to visit a\n specially crafted web page, to execute arbitrary script\n code in a user's browser session. (CVE-2017-2479,\n CVE-2017-2480, CVE-2017-2493)\n\n - An integer overflow condition exists in the libxslt\n component in the xsltAddTextString() function in\n transform.c due to improper validation of user-supplied\n input. An unauthenticated, remote attacker can exploit\n this to cause an out-of-bounds write, resulting in the\n execution of arbitrary code. (CVE-2017-5029)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207599\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00000.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d1057132\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00010.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?65be44ae\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\n# Ensure this is Windows\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"iTunes Version\", win_local:TRUE);\n\nconstraints = [{\"fixed_version\" : \"12.6\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, flags:{xss:TRUE});\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:30:44", "bulletinFamily": "scanner", "description": "The version of Apple iTunes running on the remote host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2015-1283, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, to cause a denial of service condition or the execution of arbitrary code in the context of the current user. (CVE-2013-7443, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\n - An information disclosure vulnerability exists in the APNs server component due to client certificates being transmitted in cleartext. A man-in-the-middle attacker can exploit this to disclose sensitive information.\n (CVE-2017-2383)\n\n - A use-after-free error exists in the WebKit component due to improper handling of RenderBox objects. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-2463)\n\n - Multiple universal cross-site scripting (XSS) vulnerabilities exist in the WebKit component due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these vulnerabilities, by convincing a user to visit a specially crafted web page, to execute arbitrary script code in a user's browser session. (CVE-2017-2479, CVE-2017-2480, CVE-2017-2493)\n\n - An integer overflow condition exists in the libxslt component in the xsltAddTextString() function in transform.c due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause an out-of-bounds write, resulting in the execution of arbitrary code. (CVE-2017-5029)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "modified": "2018-07-12T00:00:00", "id": "ITUNES_12_6_BANNER.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=100026", "published": "2017-05-08T00:00:00", "title": "Apple iTunes < 12.6 Multiple Vulnerabilities (uncredentialed check)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100026);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/07/12 19:01:16\");\n\n script_cve_id(\n \"CVE-2009-3270\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2012-1147\",\n \"CVE-2012-1148\",\n \"CVE-2012-6702\",\n \"CVE-2013-7443\",\n \"CVE-2015-1283\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3717\",\n \"CVE-2015-6607\",\n \"CVE-2016-0718\",\n \"CVE-2016-4472\",\n \"CVE-2016-5300\",\n \"CVE-2016-6153\",\n \"CVE-2017-2383\",\n \"CVE-2017-2463\",\n \"CVE-2017-2479\",\n \"CVE-2017-2480\",\n \"CVE-2017-5029\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 52379,\n 74228,\n 75491,\n 75973,\n 76089,\n 76970,\n 79354,\n 90729,\n 91159,\n 91483,\n 91528,\n 91546,\n 96767,\n 97175,\n 97176\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-22-1\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-03-28-2\");\n script_xref(name:\"EDB-ID\", value:\"12509\");\n\n script_name(english:\"Apple iTunes < 12.6 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes running on the remote host is prior to\n12.6. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple vulnerabilities exist in the expat component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2009-3270,\n CVE-2009-3560, CVE-2009-3720, CVE-2012-1147,\n CVE-2012-1148, CVE-2012-6702, CVE-2015-1283,\n CVE-2016-0718, CVE-2016-4472, CVE-2016-5300)\n\n - Multiple vulnerabilities exist in the SQLite component,\n the most severe of which are remote code execution\n vulnerabilities. An unauthenticated, remote attacker can\n exploit these vulnerabilities by convincing a user to\n open a specially crafted file, to cause a denial of\n service condition or the execution of arbitrary code in\n the context of the current user. (CVE-2013-7443,\n CVE-2015-3414, CVE-2015-3415, CVE-2015-3416,\n CVE-2015-3717, CVE-2015-6607, CVE-2016-6153)\n\n - An information disclosure vulnerability exists in the\n APNs server component due to client certificates being\n transmitted in cleartext. A man-in-the-middle attacker\n can exploit this to disclose sensitive information.\n (CVE-2017-2383)\n\n - A use-after-free error exists in the WebKit component\n due to improper handling of RenderBox objects. An\n unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2017-2463)\n\n - Multiple universal cross-site scripting (XSS)\n vulnerabilities exist in the WebKit component due to\n improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit these\n vulnerabilities, by convincing a user to visit a\n specially crafted web page, to execute arbitrary script\n code in a user's browser session. (CVE-2017-2479,\n CVE-2017-2480, CVE-2017-2493)\n\n - An integer overflow condition exists in the libxslt\n component in the xsltAddTextString() function in\n transform.c due to improper validation of user-supplied\n input. An unauthenticated, remote attacker can exploit\n this to cause an out-of-bounds write, resulting in the\n execution of arbitrary code. (CVE-2017-5029)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207598\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00000.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d1057132\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b01bc68\");\n # https://lists.apple.com/archives/security-announce/2017/Mar/msg00010.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?65be44ae\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type == 'AppleTV') audit(AUDIT_OS_NOT, \"Windows or Mac OS\");\n\nfixed_version = \"12.6\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) < 0)\n{\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_report_v4(port:port, extra:report, severity:SECURITY_HOLE, xss:TRUE);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:28:53", "bulletinFamily": "scanner", "description": "New expat packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.", "modified": "2017-09-21T00:00:00", "id": "SLACKWARE_SSA_2016-359-01.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96092", "published": "2016-12-27T00:00:00", "title": "Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : expat (SSA:2016-359-01)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2016-359-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96092);\n script_version(\"$Revision: 3.2 $\");\n script_cvs_date(\"$Date: 2017/09/21 13:38:14 $\");\n\n script_cve_id(\"CVE-2012-6702\", \"CVE-2015-1283\", \"CVE-2016-0718\", \"CVE-2016-4472\", \"CVE-2016-5300\");\n script_xref(name:\"SSA\", value:\"2016-359-01\");\n\n script_name(english:\"Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : expat (SSA:2016-359-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New expat packages are available for Slackware 13.0, 13.1, 13.37,\n14.0, 14.1, 14.2, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.567786\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4e91e6f9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected expat package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:expat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.0\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"expat\", pkgver:\"2.2.0\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:27:14", "bulletinFamily": "scanner", "description": "It was discovered that the Expat code in XML-RPC for C and C++ unexpectedly called srand in certain circumstances. This could reduce the security of calling applications. (CVE-2012-6702)\n\nIt was discovered that the Expat code in XML-RPC for C and C++ incorrectly handled seeding the random number generator. A remote attacker could possibly use this issue to cause a denial of service.\n(CVE-2016-5300)\n\nGustavo Grieco discovered that the Expat code in XML-RPC for C and C++ incorrectly handled malformed XML data. If a user or application linked against XML-RPC for C and C++ were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code. (CVE-2016-0718)\n\nIt was discovered that the Expat code in XML-RPC for C and C++ incorrectly handled malformed XML data. If a user or application linked against XML-RPC for C and C++ were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code. (CVE-2015-1283, CVE-2016-4472).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-3013-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=91729", "published": "2016-06-21T00:00:00", "title": "Ubuntu 12.04 LTS : xmlrpc-c vulnerabilities (USN-3013-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3013-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91729);\n script_version(\"2.10\");\n script_cvs_date(\"Date: 2018/12/01 15:12:40\");\n\n script_cve_id(\"CVE-2012-6702\", \"CVE-2015-1283\", \"CVE-2016-0718\", \"CVE-2016-4472\", \"CVE-2016-5300\");\n script_xref(name:\"USN\", value:\"3013-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : xmlrpc-c vulnerabilities (USN-3013-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Expat code in XML-RPC for C and C++\nunexpectedly called srand in certain circumstances. This could reduce\nthe security of calling applications. (CVE-2012-6702)\n\nIt was discovered that the Expat code in XML-RPC for C and C++\nincorrectly handled seeding the random number generator. A remote\nattacker could possibly use this issue to cause a denial of service.\n(CVE-2016-5300)\n\nGustavo Grieco discovered that the Expat code in XML-RPC for C and C++\nincorrectly handled malformed XML data. If a user or application\nlinked against XML-RPC for C and C++ were tricked into opening a\ncrafted XML file, an attacker could cause a denial of service, or\npossibly execute arbitrary code. (CVE-2016-0718)\n\nIt was discovered that the Expat code in XML-RPC for C and C++\nincorrectly handled malformed XML data. If a user or application\nlinked against XML-RPC for C and C++ were tricked into opening a\ncrafted XML file, an attacker could cause a denial of service, or\npossibly execute arbitrary code. (CVE-2015-1283, CVE-2016-4472).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3013-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libxmlrpc-c++4 and / or libxmlrpc-core-c3\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxmlrpc-c++4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxmlrpc-core-c3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libxmlrpc-c++4\", pkgver:\"1.16.33-3.1ubuntu5.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libxmlrpc-core-c3\", pkgver:\"1.16.33-3.1ubuntu5.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxmlrpc-c++4 / libxmlrpc-core-c3\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:24:46", "bulletinFamily": "scanner", "description": "It was discovered that SQLite incorrectly handled skip-scan optimization. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS.\n(CVE-2013-7443)\n\nMichal Zalewski discovered that SQLite incorrectly handled dequoting of collation-sequence names. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3414)\n\nMichal Zalewski discovered that SQLite incorrectly implemented comparison operators. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3415)\n\nMichal Zalewski discovered that SQLite incorrectly handle printf precision and width values during floating-point conversions. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-3416).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-2698-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=85156", "published": "2015-07-31T00:00:00", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : sqlite3 vulnerabilities (USN-2698-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2698-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85156);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2013-7443\", \"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"USN\", value:\"2698-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : sqlite3 vulnerabilities (USN-2698-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that SQLite incorrectly handled skip-scan\noptimization. An attacker could use this issue to cause applications\nusing SQLite to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 14.04 LTS.\n(CVE-2013-7443)\n\nMichal Zalewski discovered that SQLite incorrectly handled dequoting\nof collation-sequence names. An attacker could use this issue to cause\napplications using SQLite to crash, resulting in a denial of service,\nor possibly execute arbitrary code. This issue only affected Ubuntu\n14.04 LTS and Ubuntu 15.04. (CVE-2015-3414)\n\nMichal Zalewski discovered that SQLite incorrectly implemented\ncomparison operators. An attacker could use this issue to cause\napplications using SQLite to crash, resulting in a denial of service,\nor possibly execute arbitrary code. This issue only affected Ubuntu\n15.04. (CVE-2015-3415)\n\nMichal Zalewski discovered that SQLite incorrectly handle printf\nprecision and width values during floating-point conversions. An\nattacker could use this issue to cause applications using SQLite to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. (CVE-2015-3416).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2698-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libsqlite3-0 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsqlite3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(12\\.04|14\\.04|15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libsqlite3-0\", pkgver:\"3.7.9-2ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libsqlite3-0\", pkgver:\"3.8.2-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libsqlite3-0\", pkgver:\"3.8.7.4-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsqlite3-0\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:29:01", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201701-21 (Expat: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker, by enticing a user to process a specially crafted XML file, could execute arbitrary code with the privileges of the process or cause a Denial of Service condition. This attack could also be used against automated systems that arbitrarily process XML files.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2017-01-12T00:00:00", "id": "GENTOO_GLSA-201701-21.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96415", "published": "2017-01-12T00:00:00", "title": "GLSA-201701-21 : Expat: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201701-21.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96415);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/01/12 14:54:53 $\");\n\n script_cve_id(\"CVE-2012-6702\", \"CVE-2013-0340\", \"CVE-2015-1283\", \"CVE-2016-0718\", \"CVE-2016-4472\", \"CVE-2016-5300\");\n script_xref(name:\"GLSA\", value:\"201701-21\");\n\n script_name(english:\"GLSA-201701-21 : Expat: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201701-21\n(Expat: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Expat. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker, by enticing a user to process a specially crafted XML\n file, could execute arbitrary code with the privileges of the process or\n cause a Denial of Service condition. This attack could also be used\n against automated systems that arbitrarily process XML files.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201701-21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Expat users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/expat-2.2.0-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:expat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/expat\", unaffected:make_list(\"ge 2.2.0-r1\"), vulnerable:make_list(\"lt 2.2.0-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Expat\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:27:23", "bulletinFamily": "scanner", "description": "Security fixes for CVE-2016-4472, CVE-2016-5300, CVE-2016-0718 and CVE-2012-6702.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2016-10-18T00:00:00", "id": "FEDORA_2016-7C6E7A9265.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=92117", "published": "2016-07-14T00:00:00", "title": "Fedora 24 : expat (2016-7c6e7a9265)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-7c6e7a9265.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92117);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2016/10/18 16:52:29 $\");\n\n script_cve_id(\"CVE-2012-6702\", \"CVE-2016-0718\", \"CVE-2016-4472\", \"CVE-2016-5300\");\n script_xref(name:\"FEDORA\", value:\"2016-7c6e7a9265\");\n\n script_name(english:\"Fedora 24 : expat (2016-7c6e7a9265)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fixes for CVE-2016-4472, CVE-2016-5300, CVE-2016-0718 and\nCVE-2012-6702.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-7c6e7a9265\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected expat package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:expat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"expat-2.1.1-2.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"expat\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:27:25", "bulletinFamily": "scanner", "description": "Security fixes for CVE-2016-4472, CVE-2016-5300, CVE-2016-0718 and CVE-2012-6702.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2016-10-18T00:00:00", "id": "FEDORA_2016-0FD6CA526A.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=92229", "published": "2016-07-15T00:00:00", "title": "Fedora 22 : expat (2016-0fd6ca526a)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-0fd6ca526a.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92229);\n script_version(\"$Revision: 2.4 $\");\n script_cvs_date(\"$Date: 2016/10/18 16:42:53 $\");\n\n script_cve_id(\"CVE-2012-6702\", \"CVE-2016-0718\", \"CVE-2016-4472\", \"CVE-2016-5300\");\n script_xref(name:\"FEDORA\", value:\"2016-0fd6ca526a\");\n\n script_name(english:\"Fedora 22 : expat (2016-0fd6ca526a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fixes for CVE-2016-4472, CVE-2016-5300, CVE-2016-0718 and\nCVE-2012-6702.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-0fd6ca526a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected expat package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:expat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"expat-2.1.1-2.fc22\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"expat\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:27:23", "bulletinFamily": "scanner", "description": "Security fixes for CVE-2016-4472, CVE-2016-5300, CVE-2016-0718 and CVE-2012-6702.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2016-10-18T00:00:00", "id": "FEDORA_2016-60889583AB.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=92102", "published": "2016-07-14T00:00:00", "title": "Fedora 23 : expat (2016-60889583ab)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-60889583ab.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92102);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2016/10/18 16:52:28 $\");\n\n script_cve_id(\"CVE-2012-6702\", \"CVE-2016-0718\", \"CVE-2016-4472\", \"CVE-2016-5300\");\n script_xref(name:\"FEDORA\", value:\"2016-60889583ab\");\n\n script_name(english:\"Fedora 23 : expat (2016-60889583ab)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fixes for CVE-2016-4472, CVE-2016-5300, CVE-2016-0718 and\nCVE-2012-6702.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-60889583ab\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected expat package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:expat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"expat-2.1.1-2.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"expat\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:25:00", "bulletinFamily": "scanner", "description": "A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)", "modified": "2018-04-18T00:00:00", "id": "ALA_ALAS-2015-591.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=85749", "published": "2015-09-03T00:00:00", "title": "Amazon Linux AMI : sqlite (ALAS-2015-591)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-591.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85749);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"ALAS\", value:\"2015-591\");\n\n script_name(english:\"Amazon Linux AMI : sqlite (ALAS-2015-591)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-591.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update sqlite' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"lemon-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-debuginfo-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-devel-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-doc-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-tcl-3.7.17-6.13.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-debuginfo / sqlite-devel / sqlite-doc / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2019-05-29T19:21:43", "bulletinFamily": "unix", "description": "It was discovered that the Expat code in XML-RPC for C and C++ unexpectedly called srand in certain circumstances. This could reduce the security of calling applications. (CVE-2012-6702)\n\nIt was discovered that the Expat code in XML-RPC for C and C++ incorrectly handled seeding the random number generator. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-5300)\n\nGustavo Grieco discovered that the Expat code in XML-RPC for C and C++ incorrectly handled malformed XML data. If a user or application linked against XML-RPC for C and C++ were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code. (CVE-2016-0718)\n\nIt was discovered that the Expat code in XML-RPC for C and C++ incorrectly handled malformed XML data. If a user or application linked against XML-RPC for C and C++ were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code. (CVE-2015-1283, CVE-2016-4472)", "modified": "2016-06-20T00:00:00", "published": "2016-06-20T00:00:00", "id": "USN-3013-1", "href": "https://usn.ubuntu.com/3013-1/", "title": "XML-RPC for C and C++ vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T19:21:15", "bulletinFamily": "unix", "description": "It was discovered that SQLite incorrectly handled skip-scan optimization. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2013-7443)\n\nMichal Zalewski discovered that SQLite incorrectly handled dequoting of collation-sequence names. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3414)\n\nMichal Zalewski discovered that SQLite incorrectly implemented comparison operators. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 15.04. (CVE-2015-3415)\n\nMichal Zalewski discovered that SQLite incorrectly handle printf precision and width values during floating-point conversions. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-3416)", "modified": "2015-07-30T00:00:00", "published": "2015-07-30T00:00:00", "id": "USN-2698-1", "href": "https://usn.ubuntu.com/2698-1/", "title": "SQLite vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T19:22:09", "bulletinFamily": "unix", "description": "It was discovered that Expat unexpectedly called srand in certain circumstances. This could reduce the security of calling applications. (CVE-2012-6702)\n\nIt was discovered that Expat incorrectly handled seeding the random number generator. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-5300)", "modified": "2016-06-20T00:00:00", "published": "2016-06-20T00:00:00", "id": "USN-3010-1", "href": "https://usn.ubuntu.com/3010-1/", "title": "Expat vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "cve": [{"lastseen": "2019-05-29T18:13:07", "bulletinFamily": "NVD", "description": "Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.", "modified": "2016-11-28T19:10:00", "id": "CVE-2013-7443", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7443", "published": "2015-08-12T14:59:00", "title": "CVE-2013-7443", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:12:27", "bulletinFamily": "NVD", "description": "Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.", "modified": "2019-01-18T17:55:00", "id": "CVE-2012-6702", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6702", "published": "2016-06-16T18:59:00", "title": "CVE-2012-6702", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:10:00", "bulletinFamily": "NVD", "description": "Microsoft Internet Explorer 7 through 7.0.6000.16711 allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a \"printing DoS attack,\" possibly a related issue to CVE-2009-0821.", "modified": "2018-10-10T19:43:00", "id": "CVE-2009-3270", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3270", "published": "2009-09-18T22:30:00", "title": "CVE-2009-3270", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:14:43", "bulletinFamily": "NVD", "description": "SQLite before 3.8.9, as used in Android before 5.1.1 LMY48T, allows attackers to gain privileges via a crafted application, aka internal bug 20099586.", "modified": "2017-03-25T01:59:00", "id": "CVE-2015-6607", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6607", "published": "2015-10-06T17:59:00", "title": "CVE-2015-6607", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T11:52:01", "bulletinFamily": "NVD", "description": "os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.", "modified": "2018-10-30T16:27:00", "id": "CVE-2016-6153", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6153", "published": "2016-09-26T16:59:00", "title": "CVE-2016-6153", "type": "cve", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:14:41", "bulletinFamily": "NVD", "description": "The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.", "modified": "2018-07-19T01:29:00", "id": "CVE-2015-3416", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3416", "published": "2015-04-24T17:59:00", "title": "CVE-2015-3416", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:14:41", "bulletinFamily": "NVD", "description": "The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.", "modified": "2018-07-19T01:29:00", "id": "CVE-2015-3415", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3415", "published": "2015-04-24T17:59:00", "title": "CVE-2015-3415", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:12:21", "bulletinFamily": "NVD", "description": "readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.", "modified": "2017-09-13T01:29:00", "id": "CVE-2012-1147", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1147", "published": "2012-07-03T19:55:00", "title": "CVE-2012-1147", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:14:41", "bulletinFamily": "NVD", "description": "Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.", "modified": "2017-09-22T01:29:00", "id": "CVE-2015-3717", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3717", "published": "2015-07-03T02:00:00", "title": "CVE-2015-3717", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:15:36", "bulletinFamily": "NVD", "description": "The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.", "modified": "2017-11-03T01:29:00", "id": "CVE-2016-4472", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4472", "published": "2016-06-30T17:59:00", "title": "CVE-2016-4472", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2019-05-30T07:36:53", "bulletinFamily": "unix", "description": "New expat packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,\n14.2, and -current to fix security issues.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/expat-2.2.0-i586-1_slack14.2.txz: Upgraded.\n This update fixes bugs and security issues:\n Multiple integer overflows in XML_GetBuffer.\n Fix crash on malformed input.\n Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716.\n Use more entropy for hash initialization.\n Resolve troublesome internal call to srand.\n For more information, see:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/expat-2.2.0-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/expat-2.2.0-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/expat-2.2.0-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/expat-2.2.0-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/expat-2.2.0-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/expat-2.2.0-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/expat-2.2.0-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/expat-2.2.0-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/expat-2.2.0-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/expat-2.2.0-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/expat-2.2.0-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/expat-2.2.0-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/expat-2.2.0-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/expat-2.2.0-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 package:\nd042603604cda3dedb7a75cb049071c8 expat-2.2.0-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n4c57af80cc3ccd277a365f8053dabd9b expat-2.2.0-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n649682e89895159e90c0775f056a5b2a expat-2.2.0-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\ndc109e48fb07db4aa47caa912308dcee expat-2.2.0-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\na7893a356510073d213e08e6df41be6b expat-2.2.0-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n31f42e6ef7be259413659497f473b499 expat-2.2.0-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n3d5ab68ef82db833aa1b890372dfa789 expat-2.2.0-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n7ab4d2d05f4695904a4e164f6093ea38 expat-2.2.0-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n3e9c111a338efb49ed9aa85322e7dfed expat-2.2.0-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n5ec656840cad0813deeb632ef659d97b expat-2.2.0-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\n770d5c370a923d7f1356bc81ceaaa3e9 expat-2.2.0-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n0b44169d48b17e181cddd25c547a0258 expat-2.2.0-x86_64-1_slack14.2.txz\n\nSlackware -current package:\nbc2d54deb510e5a41845207133fc1a75 l/expat-2.2.0-i586-1.txz\n\nSlackware x86_64 -current package:\n4bf858ad9d41159ce9fe624e47d58f21 l/expat-2.2.0-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg expat-2.2.0-i586-1_slack14.2.txz", "modified": "2016-12-24T11:24:21", "published": "2016-12-24T11:24:21", "id": "SSA-2016-359-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.567786", "title": "expat", "type": "slackware", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "gentoo": [{"lastseen": "2017-01-11T14:15:25", "bulletinFamily": "unix", "description": "### Background\n\nExpat is a set of XML parsing libraries.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker, by enticing a user to process a specially crafted XML file, could execute arbitrary code with the privileges of the process or cause a Denial of Service condition. This attack could also be used against automated systems that arbitrarily process XML files. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Expat users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/expat-2.2.0-r1\"", "modified": "2017-01-11T00:00:00", "published": "2017-01-11T00:00:00", "href": "https://security.gentoo.org/glsa/201701-21", "id": "GLSA-201701-21", "type": "gentoo", "title": "Expat: Multiple vulnerabilities", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-06T19:46:31", "bulletinFamily": "unix", "description": "### Background\n\nExpat is a set of XML parsing libraries.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted XML file in an application linked against Expat, possibly resulting in a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Expat users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/expat-2.1.0_beta3\"\n \n\nPackages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages.", "modified": "2012-09-24T00:00:00", "published": "2012-09-24T00:00:00", "id": "GLSA-201209-06", "href": "https://security.gentoo.org/glsa/201209-06", "type": "gentoo", "title": "Expat: Multiple vulnerabilities", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:25", "bulletinFamily": "unix", "description": "### Background\n\nSQLite is a C library that implements an SQL database engine.\n\n### Description\n\nMultiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker could possibly cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll SQLite users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/sqlite-3.8.9\"", "modified": "2015-07-07T00:00:00", "published": "2015-07-07T00:00:00", "id": "GLSA-201507-05", "href": "https://security.gentoo.org/glsa/201507-05", "type": "gentoo", "title": "SQLite: Multiple vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "kaspersky": [{"lastseen": "2019-03-21T00:15:03", "bulletinFamily": "info", "description": "### *Detect date*:\n04/24/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple integer and buffer overflows were found in SQLite. By exploiting these vulnerabilities malicious users can cause denial of service or conduct other unknown impact. These vulnerabilities can be exploited remotely via a specially designed input.\n\n### *Affected products*:\nSQLite versions earlier than 3.8.9\n\n### *Solution*:\nUpdate to the latest version \n[Get SQLite](<http://www.sqlite.org/download.html>)\n\n### *Impacts*:\nDoS \n\n### *CVE-IDS*:\n[CVE-2015-3414](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414>)7.5Critical \n[CVE-2015-3416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416>)7.5Critical \n[CVE-2015-3415](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415>)7.5Critical", "modified": "2019-03-07T00:00:00", "published": "2015-04-24T00:00:00", "id": "KLA10565", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10565", "title": "\r KLA10565Denial of service vulnerabilities in SQLite ", "type": "kaspersky", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:58", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2015:217\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : sqlite3\r\n Date : April 30, 2015\r\n Affected: Business Server 1.0, Business Server 2.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been found and corrected in sqlite3:\r\n \r\n SQLite before 3.8.9 does not properly implement the dequoting of\r\n collation-sequence names, which allows context-dependent attackers to\r\n cause a denial of service (uninitialized memory access and application\r\n crash) or possibly have unspecified other impact via a crafted COLLATE\r\n clause, as demonstrated by COLLATE at the end of a SELECT statement\r\n (CVE-2015-3414).\r\n \r\n The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9\r\n does not properly implement comparison operators, which allows\r\n context-dependent attackers to cause a denial of service (invalid\r\n free operation) or possibly have unspecified other impact via a\r\n crafted CHECK clause, as demonstrated by CHECK(0&amp;O&gt;O) in a CREATE\r\n TABLE statement (CVE-2015-3415).\r\n \r\n The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does\r\n not properly handle precision and width values during floating-point\r\n conversions, which allows context-dependent attackers to cause a\r\n denial of service (integer overflow and stack-based buffer overflow)\r\n or possibly have unspecified other impact via large integers in a\r\n crafted printf function call in a SELECT statement (CVE-2015-3416).\r\n \r\n The updated packages provides a solution for these security issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416\r\n https://bugzilla.redhat.com/show_bug.cgi?id=1212353\r\n https://bugzilla.redhat.com/show_bug.cgi?id=1212356\r\n https://bugzilla.redhat.com/show_bug.cgi?id=1212357\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n adb7e2731d814af7948c8a65662e7c71 mbs1/x86_64/lemon-3.8.9-1.mbs1.x86_64.rpm\r\n 8c9620460c62d0f7d07bd5fee68ac038 mbs1/x86_64/lib64sqlite3_0-3.8.9-1.mbs1.x86_64.rpm\r\n f060fd3ca68302f59e47e9bc1b336d4b mbs1/x86_64/lib64sqlite3-devel-3.8.9-1.mbs1.x86_64.rpm\r\n 0fdd2e8a7456b51773b2a131534b9867 mbs1/x86_64/lib64sqlite3-static-devel-3.8.9-1.mbs1.x86_64.rpm\r\n 14682c0d09a3dc73f4405ee136c6115d mbs1/x86_64/sqlite3-tcl-3.8.9-1.mbs1.x86_64.rpm\r\n c2fc81b9162865ecdcef85aaa805507f mbs1/x86_64/sqlite3-tools-3.8.9-1.mbs1.x86_64.rpm \r\n 474e6b9bc6a7299f8ab34a90893bbd96 mbs1/SRPMS/sqlite3-3.8.9-1.mbs1.src.rpm\r\n\r\n Mandriva Business Server 2/X86_64:\r\n 44c4a002a3480388751603981327a21d mbs2/x86_64/lemon-3.8.9-1.mbs2.x86_64.rpm\r\n 9d2ded51447e5f133c37257635ef4f22 mbs2/x86_64/lib64sqlite3_0-3.8.9-1.mbs2.x86_64.rpm\r\n 42c8fce0126487fa0a72b4f5f1b5e852 mbs2/x86_64/lib64sqlite3-devel-3.8.9-1.mbs2.x86_64.rpm\r\n a93c0f348006f6675779bf7cd5c9f547 mbs2/x86_64/lib64sqlite3-static-devel-3.8.9-1.mbs2.x86_64.rpm\r\n 792f42a7a38d7947e7b5d0ea67510de2 mbs2/x86_64/sqlite3-tcl-3.8.9-1.mbs2.x86_64.rpm\r\n 947e30fcb8c4f19b1398d6e29adc29ac mbs2/x86_64/sqlite3-tools-3.8.9-1.mbs2.x86_64.rpm \r\n 150cb2acc870d5ca8a343f21edef4248 mbs2/SRPMS/sqlite3-3.8.9-1.mbs2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFVQdZEmqjQ0CJFipgRAvj9AJ9qeo094/bpIyYh46OHXWO6W26qUACg4mCP\r\nt5Ka/OioHfZ/AmIloxds0/s=\r\n=X45P\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2015-05-05T00:00:00", "published": "2015-05-05T00:00:00", "id": "SECURITYVULNS:DOC:31989", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31989", "title": "[ MDVSA-2015:217 ] sqlite3", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:00", "bulletinFamily": "software", "description": "Over 20 errors, including uninitialized memory access.", "modified": "2015-05-05T00:00:00", "published": "2015-05-05T00:00:00", "id": "SECURITYVULNS:VULN:14389", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14389", "title": "SQLite multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:17", "bulletinFamily": "unix", "description": "\nNVD reports:\n\nSQLite before 3.8.9 does not properly implement the\n\t dequoting of collation-sequence names, which allows\n\t context-dependent attackers to cause a denial of service\n\t (uninitialized memory access and application crash) or\n\t possibly have unspecified other impact via a crafted\n\t COLLATE clause, as demonstrated by COLLATE\"\"\"\"\"\"\"\" at the\n\t end of a SELECT statement.\n\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before\n\t 3.8.9 does not properly implement comparison operators,\n\t which allows context-dependent attackers to cause a denial\n\t of service (invalid free operation) or possibly have\n\t unspecified other impact via a crafted CHECK clause, as\n\t demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.\n\t \n\n\nThe sqlite3VXPrintf function in printf.c in SQLite before\n\t 3.8.9 does not properly handle precision and width values\n\t during floating-point conversions, which allows\n\t context-dependent attackers to cause a denial of service\n\t (integer overflow and stack-based buffer overflow) or\n\t possibly have unspecified other impact via large integers\n\t in a crafted printf function call in a SELECT statement.\n\n", "modified": "2015-05-08T00:00:00", "published": "2015-04-14T00:00:00", "id": "DEC3164F-3121-45EF-AF18-BB113AC5082F", "href": "https://vuxml.freebsd.org/freebsd/dec3164f-3121-45ef-af18-bb113ac5082f.html", "title": "sqlite -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:41", "bulletinFamily": "unix", "description": "\nSebastian Pipping reports:\n\nCVE-2012-6702 -- Resolve troublesome internal call to srand that\n\t was introduced with Expat 2.1.0 when addressing CVE-2012-0876\n\t (issue #496)\nCVE-2016-5300 -- Use more entropy for hash initialization than the\n\t original fix to CVE-2012-0876.\n\n", "modified": "2016-11-06T00:00:00", "published": "2016-03-18T00:00:00", "id": "C9C252F5-2DEF-11E6-AE88-002590263BF5", "href": "https://vuxml.freebsd.org/freebsd/c9c252f5-2def-11e6-ae88-002590263bf5.html", "title": "expat -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2019-05-29T18:35:29", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2015:1635\n\n\nSQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence\nnames. A local attacker could submit a specially crafted COLLATE statement\nthat would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a specially\ncrafted CHECK statement that would crash the SQLite process, or have other\nunspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-August/021337.html\n\n**Affected packages:**\nlemon\nsqlite\nsqlite-devel\nsqlite-doc\nsqlite-tcl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1635.html", "modified": "2015-08-17T16:54:44", "published": "2015-08-17T16:54:44", "href": "http://lists.centos.org/pipermail/centos-announce/2015-August/021337.html", "id": "CESA-2015:1635", "title": "lemon, sqlite security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2019-05-29T19:20:27", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. ([CVE-2015-3414 __](<https://access.redhat.com/security/cve/CVE-2015-3414>))\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. ([CVE-2015-3415 __](<https://access.redhat.com/security/cve/CVE-2015-3415>))\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts. ([CVE-2015-3416 __](<https://access.redhat.com/security/cve/CVE-2015-3416>))\n\n \n**Affected Packages:** \n\n\nsqlite\n\n \n**Issue Correction:** \nRun _yum update sqlite_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n sqlite-tcl-3.7.17-6.13.amzn1.i686 \n sqlite-3.7.17-6.13.amzn1.i686 \n sqlite-devel-3.7.17-6.13.amzn1.i686 \n lemon-3.7.17-6.13.amzn1.i686 \n sqlite-debuginfo-3.7.17-6.13.amzn1.i686 \n \n noarch: \n sqlite-doc-3.7.17-6.13.amzn1.noarch \n \n src: \n sqlite-3.7.17-6.13.amzn1.src \n \n x86_64: \n sqlite-3.7.17-6.13.amzn1.x86_64 \n sqlite-devel-3.7.17-6.13.amzn1.x86_64 \n lemon-3.7.17-6.13.amzn1.x86_64 \n sqlite-tcl-3.7.17-6.13.amzn1.x86_64 \n sqlite-debuginfo-3.7.17-6.13.amzn1.x86_64 \n \n \n", "modified": "2015-09-02T12:00:00", "published": "2015-09-02T12:00:00", "id": "ALAS-2015-591", "href": "https://alas.aws.amazon.com/ALAS-2015-591.html", "title": "Medium: sqlite", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:29", "bulletinFamily": "unix", "description": "[3.7.17-6.1]\n- Fixes for CVE-2015-3415 CVE-2015-3414 CVE-2015-3416\n Resolves: rhbz#1244731\n[3.7.17-6]\n- Release bump for ppc64le\n[3.7.17-5]\n- Release bump\n[3.7.17-4.1]\n- Backport 64k page fix from latest upstream (#1118151)", "modified": "2015-08-17T00:00:00", "published": "2015-08-17T00:00:00", "id": "ELSA-2015-1635", "href": "http://linux.oracle.com/errata/ELSA-2015-1635.html", "title": "sqlite security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:22:45", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3252-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMay 06, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : sqlite3\nCVE ID : CVE-2015-3414 CVE-2015-3415 CVE-2015-3416\n\nMichal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.8.7.1-1+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed in\nversion 3.8.9-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.8.9-1.\n\nWe recommend that you upgrade your sqlite3 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2015-05-06T20:23:21", "published": "2015-05-06T20:23:21", "id": "DEBIAN:DSA-3252-1:580AD", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00140.html", "title": "[SECURITY] [DSA 3252-1] sqlite3 security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:44:54", "bulletinFamily": "unix", "description": "SQLite is a C library that implements an SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a single\ndisk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility\nof an SQL database without the administrative hassles of supporting a\nseparate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence\nnames. A local attacker could submit a specially crafted COLLATE statement\nthat would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a specially\ncrafted CHECK statement that would crash the SQLite process, or have other\nunspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions.\nA local attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\n", "modified": "2018-04-12T03:32:49", "published": "2015-08-17T04:00:00", "id": "RHSA-2015:1635", "href": "https://access.redhat.com/errata/RHSA-2015:1635", "type": "redhat", "title": "(RHSA-2015:1635) Moderate: sqlite security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:54", "bulletinFamily": "software", "description": "USN-3010-1 Expat vulnerabilities\n\n# \n\nMedium\n\n# Vendor\n\nexpat \u2013 XML parsing C library, Canonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04 LTS \n\n# Description\n\nIt was discovered that Expat unexpectedly called srand in certain circumstances. This could reduce the security of calling applications. ([CVE-2012-6702](<http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-6702.html>))\n\nIt was discovered that Expat incorrectly handled seeding the random number generator. A remote attacker could possibly use this issue to cause a denial of service. ([CVE-2016-5300](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5300.html>))\n\n# Affected Products and Versions\n\n_Severity is medium unless otherwise noted. \n_\n\n * All versions of Cloud Foundry cflinuxfs2 prior to v.1.67.0 \n\n# Mitigation\n\nUsers are strongly encouraged to follow the mitigation below:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 v.1.67.0 or later versions \n\n# References\n\n * <http://www.ubuntu.com/usn/usn-3010-1/>\n * <http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-6702.html>\n * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5300.html>\n", "modified": "2016-07-13T00:00:00", "published": "2016-07-13T00:00:00", "id": "CFOUNDRY:21BFDCCE9261A7005B811F988D3B9279", "href": "https://www.cloudfoundry.org/blog/usn-3010-1/", "title": "USN-3010-1 Expat vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:46", "bulletinFamily": "unix", "description": "- CVE-2015-1283 (arbitrary code execution)\n\nMultiple integer overflows in the XML_GetBuffer function allow remote\nattackers to cause a denial of service (heap-based buffer overflow) or\npossibly arbitrary code execution via crafted XML data.\nThis problem has already been fixed in version 2.1.0-1 but this update\nrefreshes the fix to avoid relying on undefined behavior.\n\n- CVE-2016-0718 (arbitrary code execution)\n\nThe Expat XML parser mishandles certain kinds of malformed input\ndocuments, resulting in buffer overflows during processing and error\nreporting. The overflows can manifest as a segmentation fault or as\nmemory corruption during a parse operation. The bugs allow for a denial\nof service attack in many applications by an unauthenticated attacker,\nand could conceivably result in remote code execution.", "modified": "2016-05-18T00:00:00", "published": "2016-05-18T00:00:00", "id": "ASA-201605-23", "href": "https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html", "type": "archlinux", "title": "lib32-expat: arbitrary code execution", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "suse": [{"lastseen": "2016-09-04T11:28:28", "bulletinFamily": "unix", "description": "This update for expat fixes the following issues:\n\n Security issue fixed:\n - CVE-2016-0718: Fix Expat XML parser that mishandles certain kinds of\n malformed input documents. (bsc#979441)\n - CVE-2015-1283: Fix multiple integer overflows. (bnc#980391)\n\n", "modified": "2016-06-07T13:08:02", "published": "2016-06-07T13:08:02", "id": "SUSE-SU-2016:1508-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html", "title": "Security update for expat (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:40:33", "bulletinFamily": "unix", "description": "This update for expat fixes the following issues:\n\n Security issue fixed:\n - CVE-2016-0718: Fix Expat XML parser that mishandles certain kinds of\n malformed input documents. (bsc#979441)\n - CVE-2015-1283: Fix multiple integer overflows. (bnc#980391)\n\n", "modified": "2016-06-07T17:08:51", "published": "2016-06-07T17:08:51", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html", "id": "SUSE-SU-2016:1512-1", "title": "Security update for expat (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
