Search...

Mandriva Linux Security Advisory : aria2 (MDVSA-2009:226)

2009-09-10T00:00:00

ID MANDRIVA_MDVSA-2009-226.NASL
Type nessus
Reporter This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
Modified 2009-09-10T00:00:00

Description

A vulnerability has been found and corrected in aria2 :

Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, 1.2.0, and other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors (CVE-2009-3575).

This update provides a solution to this vulnerability.

                                        
                                            #%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2009:226. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(40920);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2009-3575");
  script_xref(name:"MDVSA", value:"2009:226");

  script_name(english:"Mandriva Linux Security Advisory : aria2 (MDVSA-2009:226)");
  script_summary(english:"Checks rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Mandriva Linux host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A vulnerability has been found and corrected in aria2 :

Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3,
1.2.0, and other versions allows remote attackers to cause a denial of
service (crash) and possibly execute arbitrary code via unknown
vectors (CVE-2009-3575).

This update provides a solution to this vulnerability."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://qa.mandriva.com/52840"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected aria2 package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:aria2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/09/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/10");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2009.0", reference:"aria2-0.15.3-0.20080918.3.1mdv2009.0", yank:"mdv")) flag++;

if (rpm_check(release:"MDK2009.1", reference:"aria2-1.2.0-0.20090201.3.1mdv2009.1", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"id": "MANDRIVA_MDVSA-2009-226.NASL", "bulletinFamily": "scanner", "title": "Mandriva Linux Security Advisory : aria2 (MDVSA-2009:226)", "description": "A vulnerability has been found and corrected in aria2 :\n\nBuffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3,\n1.2.0, and other versions allows remote attackers to cause a denial of\nservice (crash) and possibly execute arbitrary code via unknown\nvectors (CVE-2009-3575).\n\nThis update provides a solution to this vulnerability.", "published": "2009-09-10T00:00:00", "modified": "2009-09-10T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/40920", "reporter": "This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.", "references": ["https://qa.mandriva.com/52840"], "cvelist": ["CVE-2009-3575"], "type": "nessus", "lastseen": "2021-01-07T11:52:17", "edition": 24, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-3575"]}, {"type": "openvas", "idList": ["OPENVAS:66598", "OPENVAS:136141256231066739", "OPENVAS:136141256231065743", "OPENVAS:136141256231064837", "OPENVAS:136141256231066598", "OPENVAS:64837", "OPENVAS:66739", "OPENVAS:65743"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1957-1:95854"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10223"]}, {"type": "nessus", "idList": ["SUSE_11_1_ARIA2-091014.NASL", "DEBIAN_DSA-1957.NASL", "GENTOO_GLSA-201001-06.NASL", "FEDORA_2009-10344.NASL"]}, {"type": "fedora", "idList": ["FEDORA:80D3A10F84D"]}, {"type": "gentoo", "idList": ["GLSA-201001-06"]}], "modified": "2021-01-07T11:52:17", "rev": 2}, "score": {"value": 7.6, "vector": "NONE", "modified": "2021-01-07T11:52:17", "rev": 2}, "vulnersScore": 7.6}, "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:226. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40920);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-3575\");\n script_xref(name:\"MDVSA\", value:\"2009:226\");\n\n script_name(english:\"Mandriva Linux Security Advisory : aria2 (MDVSA-2009:226)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandriva Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in aria2 :\n\nBuffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3,\n1.2.0, and other versions allows remote attackers to cause a denial of\nservice (crash) and possibly execute arbitrary code via unknown\nvectors (CVE-2009-3575).\n\nThis update provides a solution to this vulnerability.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/52840\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected aria2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:aria2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"aria2-0.15.3-0.20080918.3.1mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"aria2-1.2.0-0.20090201.3.1mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Mandriva Local Security Checks", "pluginID": "40920", "cpe": ["p-cpe:/a:mandriva:linux:aria2", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2009.1"], "scheme": null}

{"cve": [{"lastseen": "2020-10-03T11:54:17", "description": "Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, 1.2.0, and other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.", "edition": 3, "cvss3": {}, "published": "2009-10-07T17:30:00", "title": "CVE-2009-3575", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3575"], "modified": "2009-12-31T07:04:00", "cpe": ["cpe:/a:tatsuhiro_tsujikawa:aria2:1.2.0", "cpe:/a:tatsuhiro_tsujikawa:aria2:0.15.3"], "id": "CVE-2009-3575", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3575", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:tatsuhiro_tsujikawa:aria2:0.15.3:*:*:*:*:*:*:*", "cpe:2.3:a:tatsuhiro_tsujikawa:aria2:1.2.0:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-24T12:56:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3575"], "description": "The remote host is missing an update to aria2\nannounced via advisory MDVSA-2009:226.", "modified": "2017-07-06T00:00:00", "published": "2009-09-15T00:00:00", "id": "OPENVAS:64837", "href": "http://plugins.openvas.org/nasl.php?oid=64837", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:226 (aria2)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_226.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:226 (aria2)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in aria2:\n\naria2 has a buffer overflow which makes it crashing at least on mips.\n\nThis update provides a solution to this vulnerability.\n\nAffected: 2009.0, 2009.1, Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:226\";\ntag_summary = \"The remote host is missing an update to aria2\nannounced via advisory MDVSA-2009:226.\";\n\n \n\nif(description)\n{\n script_id(64837);\n script_cve_id(\"CVE-2009-3575\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:226 (aria2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"aria2\", rpm:\"aria2~0.15.3~0.20080918.3.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aria2\", rpm:\"aria2~1.2.0~0.20090201.3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aria2\", rpm:\"aria2~0.15.3~0.20080918.3.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3575"], "description": "The remote host is missing an update to aria2\nannounced via advisory FEDORA-2009-10344.", "modified": "2017-07-10T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:65743", "href": "http://plugins.openvas.org/nasl.php?oid=65743", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-10344 (aria2)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_10344.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-10344 (aria2)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFixes CVE-2009-3575, A buffer overflow vulnerability described in more detail at\nhttps://bugzilla.redhat.com/show_bug.cgi?id=527827\n\nChangeLog:\n\n* Thu Oct 8 2009 Rahul Sundaram - 1.3.1-2\n- Fix spec. Dumb mistake\n* Thu Oct 8 2009 Rahul Sundaram - 1.3.1-1\n- Update to the same version as Fedora 11 that fixes rhbz#52782\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update aria2' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10344\";\ntag_summary = \"The remote host is missing an update to aria2\nannounced via advisory FEDORA-2009-10344.\";\n\n\n\nif(description)\n{\n script_id(65743);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-3575\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-10344 (aria2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=527827\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"aria2\", rpm:\"aria2~1.3.1~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aria2-debuginfo\", rpm:\"aria2-debuginfo~1.3.1~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3575"], "description": "The remote host is missing an update to aria2\nannounced via advisory MDVSA-2009:226.", "modified": "2018-04-06T00:00:00", "published": "2009-09-15T00:00:00", "id": "OPENVAS:136141256231064837", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064837", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:226 (aria2)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_226.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:226 (aria2)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in aria2:\n\naria2 has a buffer overflow which makes it crashing at least on mips.\n\nThis update provides a solution to this vulnerability.\n\nAffected: 2009.0, 2009.1, Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:226\";\ntag_summary = \"The remote host is missing an update to aria2\nannounced via advisory MDVSA-2009:226.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64837\");\n script_cve_id(\"CVE-2009-3575\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:226 (aria2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"aria2\", rpm:\"aria2~0.15.3~0.20080918.3.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aria2\", rpm:\"aria2~1.2.0~0.20090201.3.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aria2\", rpm:\"aria2~0.15.3~0.20080918.3.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3575"], "description": "The remote host is missing an update to aria2\nannounced via advisory FEDORA-2009-10344.", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:136141256231065743", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065743", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-10344 (aria2)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_10344.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-10344 (aria2)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFixes CVE-2009-3575, A buffer overflow vulnerability described in more detail at\nhttps://bugzilla.redhat.com/show_bug.cgi?id=527827\n\nChangeLog:\n\n* Thu Oct 8 2009 Rahul Sundaram - 1.3.1-2\n- Fix spec. Dumb mistake\n* Thu Oct 8 2009 Rahul Sundaram - 1.3.1-1\n- Update to the same version as Fedora 11 that fixes rhbz#52782\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update aria2' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10344\";\ntag_summary = \"The remote host is missing an update to aria2\nannounced via advisory FEDORA-2009-10344.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65743\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-3575\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-10344 (aria2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=527827\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"aria2\", rpm:\"aria2~1.3.1~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aria2-debuginfo\", rpm:\"aria2-debuginfo~1.3.1~2.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3575"], "description": "The remote host is missing an update to aria2\nannounced via advisory DSA 1957-1.", "modified": "2018-04-06T00:00:00", "published": "2009-12-30T00:00:00", "id": "OPENVAS:136141256231066598", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066598", "type": "openvas", "title": "Debian Security Advisory DSA 1957-1 (aria2)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1957_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1957-1 (aria2)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that aria2, a high speed download utility, is prone\nto a buffer overflow in the DHT routing code, which might lead to the\nexecution of arbitrary code.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.14.0-1+lenny1. Binaries for powerpc, arm, ia64 and hppa will\nbe provided once they are available.\n\nThe oldstable distribution (etch) is not affected by this problem.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem has been fixed in version 1.2.0-1.\n\n\nWe recommend that you upgrade your aria2 packages.\";\ntag_summary = \"The remote host is missing an update to aria2\nannounced via advisory DSA 1957-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201957-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66598\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3575\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1957-1 (aria2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"aria2\", ver:\"0.14.0-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3575"], "description": "The remote host is missing an update to aria2\nannounced via advisory DSA 1957-1.", "modified": "2017-07-07T00:00:00", "published": "2009-12-30T00:00:00", "id": "OPENVAS:66598", "href": "http://plugins.openvas.org/nasl.php?oid=66598", "type": "openvas", "title": "Debian Security Advisory DSA 1957-1 (aria2)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1957_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1957-1 (aria2)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that aria2, a high speed download utility, is prone\nto a buffer overflow in the DHT routing code, which might lead to the\nexecution of arbitrary code.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.14.0-1+lenny1. Binaries for powerpc, arm, ia64 and hppa will\nbe provided once they are available.\n\nThe oldstable distribution (etch) is not affected by this problem.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem has been fixed in version 1.2.0-1.\n\n\nWe recommend that you upgrade your aria2 packages.\";\ntag_summary = \"The remote host is missing an update to aria2\nannounced via advisory DSA 1957-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201957-1\";\n\n\nif(description)\n{\n script_id(66598);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3575\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1957-1 (aria2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"aria2\", ver:\"0.14.0-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-11T11:04:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3617", "CVE-2009-3575"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201001-06.", "modified": "2018-01-10T00:00:00", "published": "2010-01-20T00:00:00", "id": "OPENVAS:136141256231066739", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066739", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201001-06 (aria2)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A buffer overflow and a format string vulnerability in aria2 allow remote\n attackers to execute arbitrary code.\";\ntag_solution = \"All aria2 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/aria2-1.6.3'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201001-06\nhttp://bugs.gentoo.org/show_bug.cgi?id=288291\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201001-06.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66739\");\n script_version(\"$Revision: 8356 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 09:00:39 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-20 20:07:43 +0100 (Wed, 20 Jan 2010)\");\n script_cve_id(\"CVE-2009-3575\", \"CVE-2009-3617\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 201001-06 (aria2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-misc/aria2\", unaffected: make_list(\"ge 1.6.3\"), vulnerable: make_list(\"lt 1.6.3\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3617", "CVE-2009-3575"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201001-06.", "modified": "2017-07-07T00:00:00", "published": "2010-01-20T00:00:00", "id": "OPENVAS:66739", "href": "http://plugins.openvas.org/nasl.php?oid=66739", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201001-06 (aria2)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A buffer overflow and a format string vulnerability in aria2 allow remote\n attackers to execute arbitrary code.\";\ntag_solution = \"All aria2 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/aria2-1.6.3'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201001-06\nhttp://bugs.gentoo.org/show_bug.cgi?id=288291\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201001-06.\";\n\n \n \n\nif(description)\n{\n script_id(66739);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-20 20:07:43 +0100 (Wed, 20 Jan 2010)\");\n script_cve_id(\"CVE-2009-3575\", \"CVE-2009-3617\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 201001-06 (aria2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-misc/aria2\", unaffected: make_list(\"ge 1.6.3\"), vulnerable: make_list(\"lt 1.6.3\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-08-12T01:00:44", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3575"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1957-1 security@debian.org\nhttp://www.debian.org/security/ Steffen Joeris\nDecember 28, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : aria2\nVulnerability : buffer overflow\nProblem type : local (remote)\nDebian-specific: no\nCVE Id : CVE-2009-3575\nDebian Bug : 551070\n\nIt was discovered that aria2, a high speed download utility, is prone\nto a buffer overflow in the DHT routing code, which might lead to the\nexecution of arbitrary code.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.14.0-1+lenny1. Binaries for powerpc, arm, ia64 and hppa will\nbe provided once they are available.\n\nThe oldstable distribution (etch) is not affected by this problem.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem has been fixed in version 1.2.0-1.\n\n\nWe recommend that you upgrade your aria2 packages.\n\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/aria2/aria2_0.14.0-1+lenny1.dsc\n Size/MD5 checksum: 1102 eec49435dff989725e33c563b196460a\n http://security.debian.org/pool/updates/main/a/aria2/aria2_0.14.0-1+lenny1.diff.gz\n Size/MD5 checksum: 20698 849ab814910b27bcceb43f70289deecf\n http://security.debian.org/pool/updates/main/a/aria2/aria2_0.14.0.orig.tar.gz\n Size/MD5 checksum: 1343630 ae853240ee88e373a138021613e28cb1\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/a/aria2/aria2_0.14.0-1+lenny1_alpha.deb\n Size/MD5 checksum: 1271036 e9f58f0333e8fa153e422e42124da627\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/aria2/aria2_0.14.0-1+lenny1_amd64.deb\n Size/MD5 checksum: 1088722 5e454e6d927c361662b28eb1bd5fd344\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/a/aria2/aria2_0.14.0-1+lenny1_armel.deb\n Size/MD5 checksum: 1015232 24a9356278fbe5e485a446bf4cbadf58\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/aria2/aria2_0.14.0-1+lenny1_i386.deb\n Size/MD5 checksum: 1059854 231c131054416daf24647fbe0f3253d3\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/aria2/aria2_0.14.0-1+lenny1_mips.deb\n Size/MD5 checksum: 1159418 09c033eb265aea089f66ef7f50633c15\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/a/aria2/aria2_0.14.0-1+lenny1_mipsel.deb\n Size/MD5 checksum: 1150498 e8b0d5e3afb820d007afdc232a2c6e5c\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/a/aria2/aria2_0.14.0-1+lenny1_s390.deb\n Size/MD5 checksum: 1029322 c88bd4cf8c8d48f2ab4cde0a93f68a1f\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/a/aria2/aria2_0.14.0-1+lenny1_sparc.deb\n Size/MD5 checksum: 1165878 a978541d98f368a43bb8e1c702611e81\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 6, "modified": "2009-12-28T09:58:21", "published": "2009-12-28T09:58:21", "id": "DEBIAN:DSA-1957-1:95854", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00286.html", "title": "[SECURITY] [DSA 1957-1] New aria2 packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:34", "bulletinFamily": "software", "cvelist": ["CVE-2009-3575"], "description": "Buffer overflow on DHT parsing.", "edition": 1, "modified": "2009-09-10T00:00:00", "published": "2009-09-10T00:00:00", "id": "SECURITYVULNS:VULN:10223", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10223", "title": "aria2 download manager buffer overflow", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3575"], "description": "aria2 is a download utility with resuming and segmented downloading. Supported protocols are HTTP/HTTPS/FTP/BitTorrent. It also supports Metalink version 3.0. Currently it has following features: - HTTP/HTTPS GET support - HTTP Proxy support - HTTP BASIC authentication support - HTTP Proxy authentication support - FTP support(active, passive mode) - FTP through HTTP proxy(GET command or tunneling) - Segmented download - Cookie support(currently aria2 ignores \"expires\") - It can run as a daemon process. - BitTorrent protocol support with fast extension. - Selective download in multi-file torrent - Metalink version 3.0 support(HTTP/FTP/BitTorrent). - Limiting download/upload speed ", "modified": "2009-10-09T03:38:55", "published": "2009-10-09T03:38:55", "id": "FEDORA:80D3A10F84D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: aria2-1.3.1-2.fc10", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-06T09:45:48", "description": "It was discovered that aria2, a high speed download utility, is prone\nto a buffer overflow in the DHT routing code, which might lead to the\nexecution of arbitrary code.\n\nThe oldstable distribution (etch) is not affected by this problem.", "edition": 25, "published": "2010-02-24T00:00:00", "title": "Debian DSA-1957-1 : aria2 - buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3575"], "modified": "2010-02-24T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:aria2", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1957.NASL", "href": "https://www.tenable.com/plugins/nessus/44822", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1957. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44822);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-3575\");\n script_xref(name:\"DSA\", value:\"1957\");\n\n script_name(english:\"Debian DSA-1957-1 : aria2 - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that aria2, a high speed download utility, is prone\nto a buffer overflow in the DHT routing code, which might lead to the\nexecution of arbitrary code.\n\nThe oldstable distribution (etch) is not affected by this problem.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551070\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1957\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the aria2 packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.14.0-1+lenny1. Binaries for powerpc, arm, ia64 and hppa will\nbe provided once they are available.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:aria2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"aria2\", reference:\"0.14.0-1+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:06:52", "description": "Fixes CVE-2009-3575, A buffer overflow vulnerability described in more\ndetail at https://bugzilla.redhat.com/show_bug.cgi?id=527827\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2009-10-09T00:00:00", "title": "Fedora 10 : aria2-1.3.1-2.fc10 (2009-10344)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3575"], "modified": "2009-10-09T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:aria2"], "id": "FEDORA_2009-10344.NASL", "href": "https://www.tenable.com/plugins/nessus/42074", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-10344.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42074);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3575\");\n script_xref(name:\"FEDORA\", value:\"2009-10344\");\n\n script_name(english:\"Fedora 10 : aria2-1.3.1-2.fc10 (2009-10344)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes CVE-2009-3575, A buffer overflow vulnerability described in more\ndetail at https://bugzilla.redhat.com/show_bug.cgi?id=527827\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=527827\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-October/029913.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c98d6ecf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected aria2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:aria2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"aria2-1.3.1-2.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"aria2\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:04:13", "description": "Speciall crafted distributed hash table files as used by bittorrent\ncould cause a buffer overflow in aria2 (CVE-2009-3575).", "edition": 23, "published": "2009-10-19T00:00:00", "title": "openSUSE Security Update : aria2 (aria2-1400)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3575"], "modified": "2009-10-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:aria2", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_ARIA2-091014.NASL", "href": "https://www.tenable.com/plugins/nessus/42175", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update aria2-1400.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42175);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3575\");\n\n script_name(english:\"openSUSE Security Update : aria2 (aria2-1400)\");\n script_summary(english:\"Check for the aria2-1400 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Speciall crafted distributed hash table files as used by bittorrent\ncould cause a buffer overflow in aria2 (CVE-2009-3575).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531117\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected aria2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:aria2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"aria2-0.16.0-1.19.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"aria2\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:52:37", "description": "The remote host is affected by the vulnerability described in GLSA-201001-06\n(aria2: Multiple vulnerabilities)\n\n Tatsuhiro Tsujikawa reported a buffer overflow in\n DHTRoutingTableDeserializer.cc (CVE-2009-3575) and a format string\n vulnerability in the AbstractCommand::onAbort() function in\n src/AbstractCommand.cc (CVE-2009-3617).\n \nImpact :\n\n A remote, unauthenticated attacker could possibly execute arbitrary\n code with the privileges of the user running the application or cause a\n Denial of Service (application crash).\n \nWorkaround :\n\n Do not use DHT (CVE-2009-3575) and disable logging (CVE-2009-3617).", "edition": 24, "published": "2010-02-25T00:00:00", "title": "GLSA-201001-06 : aria2: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3617", "CVE-2009-3575"], "modified": "2010-02-25T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:aria2", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201001-06.NASL", "href": "https://www.tenable.com/plugins/nessus/44895", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201001-06.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44895);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-3575\", \"CVE-2009-3617\");\n script_xref(name:\"GLSA\", value:\"201001-06\");\n\n script_name(english:\"GLSA-201001-06 : aria2: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201001-06\n(aria2: Multiple vulnerabilities)\n\n Tatsuhiro Tsujikawa reported a buffer overflow in\n DHTRoutingTableDeserializer.cc (CVE-2009-3575) and a format string\n vulnerability in the AbstractCommand::onAbort() function in\n src/AbstractCommand.cc (CVE-2009-3617).\n \nImpact :\n\n A remote, unauthenticated attacker could possibly execute arbitrary\n code with the privileges of the user running the application or cause a\n Denial of Service (application crash).\n \nWorkaround :\n\n Do not use DHT (CVE-2009-3575) and disable logging (CVE-2009-3617).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201001-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All aria2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/aria2-1.6.3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:aria2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-misc/aria2\", unaffected:make_list(\"ge 1.6.3\"), vulnerable:make_list(\"lt 1.6.3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"aria2\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:09", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3617", "CVE-2009-3575"], "description": "### Background\n\naria2 is a download utility with resuming and segmented downloading with HTTP/HTTPS/FTP/BitTorrent support. \n\n### Description\n\nTatsuhiro Tsujikawa reported a buffer overflow in DHTRoutingTableDeserializer.cc (CVE-2009-3575) and a format string vulnerability in the AbstractCommand::onAbort() function in src/AbstractCommand.cc (CVE-2009-3617). \n\n### Impact\n\nA remote, unauthenticated attacker could possibly execute arbitrary code with the privileges of the user running the application or cause a Denial of Service (application crash). \n\n### Workaround\n\nDo not use DHT (CVE-2009-3575) and disable logging (CVE-2009-3617). \n\n### Resolution\n\nAll aria2 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/aria2-1.6.3\"", "edition": 1, "modified": "2010-01-13T00:00:00", "published": "2010-01-13T00:00:00", "id": "GLSA-201001-06", "href": "https://security.gentoo.org/glsa/201001-06", "type": "gentoo", "title": "aria2: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}