Mandriva Linux Security Advisory : expat (MDVSA-2012:041)
2012-03-28T00:00:00
ID MANDRIVA_MDVSA-2012-041.NASL Type nessus Reporter Tenable Modified 2016-06-14T00:00:00
Description
A memory leak and a hash table collision flaw in expat could cause denial os service (DoS) attacks (CVE-2012-0876, CVE-2012-1148).
The updated packages have been patched to correct this issue.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandriva Linux Security Advisory MDVSA-2012:041.
# The text itself is copyright (C) Mandriva S.A.
#
include("compat.inc");
if (description)
{
script_id(58506);
script_version("$Revision: 1.11 $");
script_cvs_date("$Date: 2016/06/14 17:29:37 $");
script_cve_id("CVE-2012-0876", "CVE-2012-1148");
script_bugtraq_id(52379);
script_osvdb_id(80892, 80893);
script_xref(name:"MDVSA", value:"2012:041");
script_name(english:"Mandriva Linux Security Advisory : expat (MDVSA-2012:041)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandriva Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"A memory leak and a hash table collision flaw in expat could cause
denial os service (DoS) attacks (CVE-2012-0876, CVE-2012-1148).
The updated packages have been patched to correct this issue."
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:ND");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:expat");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64expat-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64expat-static-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64expat1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64expat1-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libexpat-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libexpat-static-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libexpat1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libexpat1-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2011");
script_set_attribute(attribute:"patch_publication_date", value:"2012/03/27");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/03/28");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK2010.1", reference:"expat-2.0.1-12.1mdv2010.2", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64expat1-2.0.1-12.1mdv2010.2", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64expat1-devel-2.0.1-12.1mdv2010.2", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libexpat1-2.0.1-12.1mdv2010.2", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libexpat1-devel-2.0.1-12.1mdv2010.2", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", reference:"expat-2.0.1-15.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64expat-devel-2.0.1-15.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64expat-static-devel-2.0.1-15.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64expat1-2.0.1-15.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libexpat-devel-2.0.1-15.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libexpat-static-devel-2.0.1-15.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libexpat1-2.0.1-15.1-mdv2011.0", yank:"mdv")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"hash": "aa8ce44eca816fddb2f3f53d55f0b843ecaadde23df3359908ac59fc57138f91", "naslFamily": "Mandriva Local Security Checks", "id": "MANDRIVA_MDVSA-2012-041.NASL", "lastseen": "2017-10-29T13:44:47", "viewCount": 1, "hashmap": [{"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "846d5d302c3123625092f35fb71b8bc7", "key": "cpe"}, {"hash": "d9f543e85bf6a1bc76bffdd7ac3cb032", "key": "cvelist"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "74c4d67e9e3b7961c6c4071b0c46cfba", "key": "description"}, {"hash": "a54d6f815613099fd1ac75d95c90d434", "key": "href"}, {"hash": "932ad690938d41a5231afb997407e36d", "key": "modified"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "a036cac2531b35692e8975f252229fcf", "key": "pluginID"}, {"hash": "98087b7546e17e5b91d4beeb8ed2b089", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "ddd3c49e01f7c9ac580f05a50e251145", "key": "sourceData"}, {"hash": "b772d87bfd24b5012cd1d38e9fdb66df", "key": "title"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "bulletinFamily": "scanner", "cpe": ["cpe:/o:mandriva:linux:2011", "p-cpe:/a:mandriva:linux:libexpat1-devel", "p-cpe:/a:mandriva:linux:expat", "p-cpe:/a:mandriva:linux:libexpat1", "cpe:/o:mandriva:linux:2010.1", "p-cpe:/a:mandriva:linux:lib64expat-devel", "p-cpe:/a:mandriva:linux:libexpat-devel", "p-cpe:/a:mandriva:linux:lib64expat-static-devel", "p-cpe:/a:mandriva:linux:lib64expat1", "p-cpe:/a:mandriva:linux:lib64expat1-devel", "p-cpe:/a:mandriva:linux:libexpat-static-devel"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "edition": 2, "enchantments": {"vulnersScore": 5.0}, "type": "nessus", "description": "A memory leak and a hash table collision flaw in expat could cause denial os service (DoS) attacks (CVE-2012-0876, CVE-2012-1148).\n\nThe updated packages have been patched to correct this issue.", "title": "Mandriva Linux Security Advisory : expat (MDVSA-2012:041)", "history": [{"bulletin": {"hash": "ba294323a06c8fe0ba064c0336328ded70aec810e4fa060db0a1e968519c2e72", "naslFamily": "Mandriva Local Security Checks", "edition": 1, "lastseen": "2016-09-26T17:26:26", "enchantments": {}, "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "ddd3c49e01f7c9ac580f05a50e251145", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "b772d87bfd24b5012cd1d38e9fdb66df", "key": "title"}, {"hash": "d9f543e85bf6a1bc76bffdd7ac3cb032", "key": "cvelist"}, {"hash": "a54d6f815613099fd1ac75d95c90d434", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "98087b7546e17e5b91d4beeb8ed2b089", "key": "published"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "932ad690938d41a5231afb997407e36d", "key": "modified"}, {"hash": "74c4d67e9e3b7961c6c4071b0c46cfba", "key": "description"}, {"hash": "a036cac2531b35692e8975f252229fcf", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "bulletinFamily": "scanner", "cpe": [], "history": [], "id": "MANDRIVA_MDVSA-2012-041.NASL", "type": "nessus", "description": "A memory leak and a hash table collision flaw in expat could cause denial os service (DoS) attacks (CVE-2012-0876, CVE-2012-1148).\n\nThe updated packages have been patched to correct this issue.", "viewCount": 1, "title": "Mandriva Linux Security Advisory : expat (MDVSA-2012:041)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "objectVersion": "1.2", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:041. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58506);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2016/06/14 17:29:37 $\");\n\n script_cve_id(\"CVE-2012-0876\", \"CVE-2012-1148\");\n script_bugtraq_id(52379);\n script_osvdb_id(80892, 80893);\n script_xref(name:\"MDVSA\", value:\"2012:041\");\n\n script_name(english:\"Mandriva Linux Security Advisory : expat (MDVSA-2012:041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A memory leak and a hash table collision flaw in expat could cause\ndenial os service (DoS) attacks (CVE-2012-0876, CVE-2012-1148).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:expat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64expat-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64expat-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64expat1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64expat1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexpat-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexpat-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexpat1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexpat1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", reference:\"expat-2.0.1-12.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64expat1-2.0.1-12.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64expat1-devel-2.0.1-12.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libexpat1-2.0.1-12.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libexpat1-devel-2.0.1-12.1mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", reference:\"expat-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64expat-devel-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64expat-static-devel-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64expat1-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libexpat-devel-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libexpat-static-devel-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libexpat1-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "published": "2012-03-28T00:00:00", "pluginID": "58506", "references": [], "reporter": "Tenable", "modified": "2016-06-14T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=58506"}, "lastseen": "2016-09-26T17:26:26", "edition": 1, "differentElements": ["cpe"]}], "objectVersion": "1.3", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:041. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58506);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2016/06/14 17:29:37 $\");\n\n script_cve_id(\"CVE-2012-0876\", \"CVE-2012-1148\");\n script_bugtraq_id(52379);\n script_osvdb_id(80892, 80893);\n script_xref(name:\"MDVSA\", value:\"2012:041\");\n\n script_name(english:\"Mandriva Linux Security Advisory : expat (MDVSA-2012:041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A memory leak and a hash table collision flaw in expat could cause\ndenial os service (DoS) attacks (CVE-2012-0876, CVE-2012-1148).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:expat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64expat-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64expat-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64expat1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64expat1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexpat-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexpat-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexpat1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libexpat1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", reference:\"expat-2.0.1-12.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64expat1-2.0.1-12.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64expat1-devel-2.0.1-12.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libexpat1-2.0.1-12.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libexpat1-devel-2.0.1-12.1mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", reference:\"expat-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64expat-devel-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64expat-static-devel-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64expat1-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libexpat-devel-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libexpat-static-devel-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libexpat1-2.0.1-15.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "published": "2012-03-28T00:00:00", "pluginID": "58506", "references": [], "reporter": "Tenable", "modified": "2016-06-14T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=58506"}
{"result": {"cve": [{"id": "CVE-2012-1148", "type": "cve", "title": "CVE-2012-1148", "description": "Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.", "published": "2012-07-03T15:55:02", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1148", "cvelist": ["CVE-2012-1148"], "lastseen": "2018-01-05T12:20:53"}, {"id": "CVE-2012-0876", "type": "cve", "title": "CVE-2012-0876", "description": "The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.", "published": "2012-07-03T15:55:02", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0876", "cvelist": ["CVE-2012-0876"], "lastseen": "2018-01-05T12:20:52"}], "f5": [{"id": "F5:K16949", "type": "f5", "title": "Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148", "description": "\nF5 Product Development has assigned ID 388737 (BIG-IP) to these vulnerabilities, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H16949 on the **Diagnostics** > **Identified** > **Medium** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP AAM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP AFM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP Analytics | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP APM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP ASM | 11.0.0 - 11.2.1 \n10.1.0 - 10.2.4 | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP Edge Gateway | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 | Medium | xmlparse.c \nBIG-IP GTM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP Link Controller | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP PEM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP PSM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP WebAccelerator | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 | Medium | xmlparse.c \nBIG-IP WOM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 | Medium | xmlparse.c \nARX | None | 6.0.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0 | Not vulnerable | None \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | Not vulnerable | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.0 | Not vulnerable | None \nF5 WebSafe | None | 1.0.0 | Not vulnerable | None \nTraffix SDC | None | 4.0.0 - 4.4.0 | Not vulnerable | None \n \n* **Important**: Certain product versions contain the affected code; however, those product versions do not parse untrusted XML input, and are, therefore, not exploitable.\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nBIG-IP ASM\n\nWhen the BIG-IP ASM system is provisioned, the custom attack signature portion of the Web UI is vulnerable; this situation requires an administrative-level user to interface with the vulnerable component.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "published": "2015-07-11T03:06:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://support.f5.com/csp/article/K16949", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-08-15T01:08:46"}, {"id": "SOL16949", "type": "f5", "title": "SOL16949 - Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148", "description": "**Important**: *Certain product versions contain the affected code; however, those product versions do not parse untrusted XML input, and are, therefore, not exploitable.\n\nVulnerability Recommended Actions\n\nIf the previous table lists a version in the** Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\n**BIG-IP ASM**\n\nWhen the BIG-IP ASM system is provisioned, the custom attack signature portion of the Web UI is vulnerable; this situation requires an administrative-level user to interface with the vulnerable component.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "published": "2015-07-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/16000/900/sol16949.html", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2016-09-26T17:23:06"}, {"id": "F5:K70938105", "type": "f5", "title": "Expat XML library vulnerability CVE-2016-5300", "description": "\nF5 Product Development has assigned ID 617273 (BIG-IP), ID 617964 (BIG-IQ/F5 iWorkflow), ID 618243 (Enterprise Manager), and ID 528541 (ARX) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H624219 on the **Diagnostics** > **Identified** > **Medium** page.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 13.0.0 \n12.0.0 - 12.1.3 \n11.4.0 - 11.6.3 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | XML parser Expat library \nBIG-IP AAM | 13.0.0 \n12.0.0 - 12.1.3 \n11.4.0 - 11.6.3 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 | Medium | XML parser Expat library \nBIG-IP AFM | 13.0.0 \n12.0.0 - 12.1.3 \n11.4.0 - 11.6.3 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 | Medium | XML parser Expat library \nBIG-IP Analytics | 13.0.0 \n12.0.0 - 12.1.3 \n11.4.0 - 11.6.3 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.2.1 | Medium | XML parser Expat library \nBIG-IP APM | 13.0.0 \n12.0.0 - 12.1.3 \n11.4.0 - 11.6.3 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | XML parser Expat library \nBIG-IP ASM | 13.0.0 \n12.0.0 - 12.1.3 \n11.4.0 - 11.6.3 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | XML parser Expat library \nBIG-IP DNS | 13.0.0 \n12.0.0 - 12.1.3 | 13.1.0 \n13.0.1 \n12.1.3.2 | Medium | XML parser Expat library \nBIG-IP Edge Gateway | None | 11.2.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP GTM | 11.4.0 - 11.6.3 | 11.6.3.2 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | XML parser Expat library \nBIG-IP Link Controller | 13.0.0 \n12.0.0 - 12.1.3 \n11.4.0 - 11.6.3 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | XML parser Expat library \nBIG-IP PEM | 13.0.0 \n12.0.0 - 12.1.3 \n11.4.0 - 11.6.3 | 13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 | Medium | XML parser Expat library \nBIG-IP PSM | 11.4.0 - 11.4.1 | 10.2.1 - 10.2.4 | Medium | XML parser Expat library \nBIG-IP WebAccelerator | None | 11.2.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP WebSafe | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.0 - 11.6.3 | 13.1.0 \n13.0.1 \n12.1.3.2 | Medium \n\n \n\n| XML parser Expat library \nARX | 6.2.0 - 6.4.0 | None | Low | XML parser Expat library \nEnterprise Manager | 3.1.1 | None | Medium | XML parser Expat library \nBIG-IQ Cloud | 4.0.0 - 4.5.0 | None | Medium | XML parser Expat library \nBIG-IQ Device | 4.2.0 - 4.5.0 | None | Medium | XML parser Expat library \nBIG-IQ Security | 4.0.0 - 4.5.0 | None | Medium | XML parser Expat library \nBIG-IQ ADC | 4.5.0 | None | Medium | XML parser Expat library \nBIG-IQ Centralized Management | 5.0.0 - 5.4.0 \n4.6.0 | None | Medium | XML parser Expat library \nBIG-IQ Cloud and Orchestration | 1.0.0 | None | Medium | XML parser Expat library \nF5 iWorkflow | 2.0.0 - 2.3.0 | None | Medium | XML parser Expat library \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nTraffix SDC | None | 5.0.0 \n4.0.0 - 4.4.0 | Not vulnerable | None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\nMitigation\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n * [K15106: Managing BIG-IQ product hotfixes](<https://support.f5.com/csp/article/K15106>)\n * [K15113: BIG-IQ hotfix matrix](<https://support.f5.com/csp/article/K15113>)\n * [K12766: ARX hotfix matrix](<https://support.f5.com/csp/article/K12766>)\n", "published": "2016-10-27T01:15:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://support.f5.com/csp/article/K70938105", "cvelist": ["CVE-2016-5300", "CVE-2012-0876"], "lastseen": "2018-06-18T19:10:58"}, {"id": "SOL70938105", "type": "f5", "title": "SOL70938105 - Expat XML library vulnerability CVE-2016-5300", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to SOL21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL9502: BIG-IP hotfix matrix\n * SOL15106: Managing BIG-IQ product hotfixes\n * SOL15113: BIG-IQ hotfix matrix\n * SOL12766: ARX hotfix matrix\n", "published": "2016-10-26T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/k/70/sol70938105.html", "cvelist": ["CVE-2016-5300", "CVE-2012-0876"], "lastseen": "2016-11-09T00:09:38"}], "openvas": [{"id": "OPENVAS:1361412562310105371", "type": "openvas", "title": "F5 BIG-IP - SOL16949 - Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148", "description": "The remote host is missing a security patch.", "published": "2015-09-19T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105371", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-07-17T10:53:16"}, {"id": "OPENVAS:881192", "type": "openvas", "title": "CentOS Update for expat CESA-2012:0731 centos5 ", "description": "Check for the Version of expat", "published": "2012-07-30T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=881192", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2018-01-11T11:07:18"}, {"id": "OPENVAS:71503", "type": "openvas", "title": "Debian Security Advisory DSA 2525-1 (expat)", "description": "The remote host is missing an update to expat\nannounced via advisory DSA 2525-1.", "published": "2012-08-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=71503", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-07-24T12:50:54"}, {"id": "OPENVAS:870754", "type": "openvas", "title": "RedHat Update for expat RHSA-2012:0731-01", "description": "Check for the Version of expat", "published": "2012-06-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=870754", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2018-01-02T10:57:22"}, {"id": "OPENVAS:1361412562310123904", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0731", "description": "Oracle Linux Local Security Checks ELSA-2012-0731", "published": "2015-10-06T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123904", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-07-24T12:52:33"}, {"id": "OPENVAS:1361412562310841137", "type": "openvas", "title": "Ubuntu Update for xmlrpc-c USN-1527-2", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1527-2", "published": "2012-09-11T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841137", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2018-04-30T13:53:33"}, {"id": "OPENVAS:1361412562310841101", "type": "openvas", "title": "Ubuntu Update for expat USN-1527-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1527-1", "published": "2012-08-14T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841101", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2018-04-30T13:54:12"}, {"id": "OPENVAS:831681", "type": "openvas", "title": "Mandriva Update for expat MDVSA-2012:041 (expat)", "description": "Check for the Version of expat", "published": "2012-08-03T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=831681", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2018-01-08T12:56:38"}, {"id": "OPENVAS:1361412562310120134", "type": "openvas", "title": "Amazon Linux Local Check: ALAS-2012-89", "description": "Amazon Linux Local Security Checks", "published": "2015-09-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120134", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-07-24T12:51:15"}, {"id": "OPENVAS:1361412562310881114", "type": "openvas", "title": "CentOS Update for expat CESA-2012:0731 centos6 ", "description": "Check for the Version of expat", "published": "2012-07-30T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881114", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2018-04-06T11:18:13"}], "ubuntu": [{"id": "USN-1527-2", "type": "ubuntu", "title": "XML-RPC for C and C++ vulnerabilities", "description": "USN-1527-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for XML-RPC for C and C++. Both issues described in the original advisory affected XML-RPC for C and C++ in Ubuntu 10.04 LTS, 11.04, 11.10 and 12.04 LTS.\n\nOriginal advisory details:\n\nIt was discovered that Expat computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that Expat did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. This issue only affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04 and 11.10. (CVE-2012-1148)", "published": "2012-09-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/1527-2/", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2018-03-29T18:18:42"}, {"id": "USN-1527-1", "type": "ubuntu", "title": "Expat vulnerabilities", "description": "It was discovered that Expat computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that Expat did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. This issue only affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04 and 11.10. (CVE-2012-1148)", "published": "2012-08-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/1527-1/", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2018-03-29T18:19:48"}, {"id": "USN-1613-1", "type": "ubuntu", "title": "Python 2.5 vulnerabilities", "description": "It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. (CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly perform input validation. If a user or automatated system were tricked into opening a crafted audio file, an attacker could cause a denial of service via application crash. (CVE-2010-1634, CVE-2010-2089)\n\nGiampaolo Rodola discovered several race conditions in the smtpd module. A remote attacker could exploit this to cause a denial of service via daemon outage. (CVE-2010-3493)\n\nIt was discovered that the CGIHTTPServer module did not properly perform input validation on certain HTTP GET requests. A remote attacker could potentially obtain access to CGI script source files. (CVE-2011-1015)\n\nNiels Heinen discovered that the urllib and urllib2 modules would process Location headers that specify a redirection to file: URLs. A remote attacker could exploit this to obtain sensitive information or cause a denial of service. (CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a charset parameter in the Content-Type HTTP header. An attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 users. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race condition when creating the ~/.pypirc file. A local attacker could exploit this to obtain sensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A remote attacker could exploit this to cause a denial of service via excessive CPU utilization. (CVE-2012-0845)\n\nIt was discovered that the Expat module in Python 2.5 computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application using pyexpat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that the Expat module in Python 2.5 did not properly handle memory reallocation when processing XML files. If a user or application using pyexpat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. (CVE-2012-1148)", "published": "2012-10-17T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1613-1/", "cvelist": ["CVE-2010-3493", "CVE-2012-1148", "CVE-2011-1521", "CVE-2011-4944", "CVE-2012-0876", "CVE-2012-0845", "CVE-2010-2089", "CVE-2011-4940", "CVE-2011-1015", "CVE-2008-5983", "CVE-2010-1634"], "lastseen": "2018-03-29T18:21:21"}, {"id": "USN-1613-2", "type": "ubuntu", "title": "Python 2.4 vulnerabilities", "description": "USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4.\n\nOriginal advisory details:\n\nIt was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. (CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly perform input validation. If a user or automatated system were tricked into opening a crafted audio file, an attacker could cause a denial of service via application crash. (CVE-2010-1634, CVE-2010-2089)\n\nGiampaolo Rodola discovered several race conditions in the smtpd module. A remote attacker could exploit this to cause a denial of service via daemon outage. (CVE-2010-3493)\n\nIt was discovered that the CGIHTTPServer module did not properly perform input validation on certain HTTP GET requests. A remote attacker could potentially obtain access to CGI script source files. (CVE-2011-1015)\n\nNiels Heinen discovered that the urllib and urllib2 modules would process Location headers that specify a redirection to file: URLs. A remote attacker could exploit this to obtain sensitive information or cause a denial of service. (CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a charset parameter in the Content-Type HTTP header. An attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 users. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race condition when creating the ~/.pypirc file. A local attacker could exploit this to obtain sensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A remote attacker could exploit this to cause a denial of service via excessive CPU utilization. (CVE-2012-0845)\n\nIt was discovered that the Expat module in Python 2.5 computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application using pyexpat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that the Expat module in Python 2.5 did not properly handle memory reallocation when processing XML files. If a user or application using pyexpat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. (CVE-2012-1148)", "published": "2012-10-17T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1613-2/", "cvelist": ["CVE-2010-3493", "CVE-2012-1148", "CVE-2011-1521", "CVE-2011-4944", "CVE-2012-0876", "CVE-2012-0845", "CVE-2010-2089", "CVE-2011-4940", "CVE-2011-1015", "CVE-2008-5983", "CVE-2010-1634"], "lastseen": "2018-03-29T18:19:01"}], "debian": [{"id": "DSA-2525", "type": "debian", "title": "expat -- several vulnerabilities", "description": "It was discovered that Expat, a C library to parse XML, is vulnerable to denial of service through hash collisions and a memory leak in pool handling.\n\nFor the stable distribution (squeeze), this problem has been fixed in version 2.0.1-7+squeeze1.\n\nFor the testing distribution (wheezy), this problem has been fixed in version 2.1.0~beta3-1.\n\nFor the unstable distribution (sid), this problem has been fixed in version 2.1.0~beta3-1.\n\nWe recommend that you upgrade your expat packages.", "published": "2012-08-06T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-2525", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2016-09-02T18:34:01"}], "nessus": [{"id": "ALA_ALAS-2012-89.NASL", "type": "nessus", "title": "Amazon Linux AMI : expat (ALAS-2012-89)", "description": "A denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0876)\n\nA memory leak flaw was found in Expat. If an XML file processed by an application linked against Expat triggered a memory re-allocation failure, Expat failed to free the previously allocated memory. This could cause the application to exit unexpectedly or crash when all available memory is exhausted. (CVE-2012-1148)", "published": "2013-09-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=69696", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2018-04-19T07:27:53"}, {"id": "CENTOS_RHSA-2012-0731.NASL", "type": "nessus", "title": "CentOS 5 / 6 : expat (CESA-2012:0731)", "description": "Updated expat packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nExpat is a C library written by James Clark for parsing XML documents.\n\nA denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0876)\n\nA memory leak flaw was found in Expat. If an XML file processed by an application linked against Expat triggered a memory re-allocation failure, Expat failed to free the previously allocated memory. This could cause the application to exit unexpectedly or crash when all available memory is exhausted. (CVE-2012-1148)\n\nAll Expat users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, applications using the Expat library must be restarted for the update to take effect.", "published": "2012-06-14T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=59482", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-10-29T13:38:07"}, {"id": "F5_BIGIP_SOL16949.NASL", "type": "nessus", "title": "F5 Networks BIG-IP : Expat vulnerabilities (K16949)", "description": "CVE-2012-0876\n\nThe XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.\n\nCVE-2012-1148 Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.\n\nImpact\n\nThese vulnerabilities allow context-dependent attackers to cause a denial-of-service (DoS) (CPU and/or memory consumption) by way of XML files.", "published": "2015-09-18T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=86013", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-10-29T13:39:27"}, {"id": "REDHAT-RHSA-2012-0731.NASL", "type": "nessus", "title": "RHEL 5 / 6 : expat (RHSA-2012:0731)", "description": "Updated expat packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nExpat is a C library written by James Clark for parsing XML documents.\n\nA denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0876)\n\nA memory leak flaw was found in Expat. If an XML file processed by an application linked against Expat triggered a memory re-allocation failure, Expat failed to free the previously allocated memory. This could cause the application to exit unexpectedly or crash when all available memory is exhausted. (CVE-2012-1148)\n\nAll Expat users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, applications using the Expat library must be restarted for the update to take effect.", "published": "2012-06-14T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=59491", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-10-29T13:45:00"}, {"id": "SOLARIS11_LIBEXPAT_20120918.NASL", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : libexpat (multiple_resource_management_error_vulnerabilities)", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value. (CVE-2012-0876)\n\n - Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities. (CVE-2012-1148)", "published": "2015-01-19T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80669", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-10-29T13:39:17"}, {"id": "UBUNTU_USN-1527-2.NASL", "type": "nessus", "title": "Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : xmlrpc-c vulnerabilities (USN-1527-2)", "description": "USN-1527-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for XML-RPC for C and C++. Both issues described in the original advisory affected XML-RPC for C and C++ in Ubuntu 10.04 LTS, 11.04, 11.10 and 12.04 LTS.\n\nIt was discovered that Expat computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that Expat did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. This issue only affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04 and 11.10.\n(CVE-2012-1148).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2012-09-11T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=62036", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-10-29T13:45:31"}, {"id": "ORACLELINUX_ELSA-2012-0731.NASL", "type": "nessus", "title": "Oracle Linux 5 / 6 : expat (ELSA-2012-0731)", "description": "From Red Hat Security Advisory 2012:0731 :\n\nUpdated expat packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nExpat is a C library written by James Clark for parsing XML documents.\n\nA denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0876)\n\nA memory leak flaw was found in Expat. If an XML file processed by an application linked against Expat triggered a memory re-allocation failure, Expat failed to free the previously allocated memory. This could cause the application to exit unexpectedly or crash when all available memory is exhausted. (CVE-2012-1148)\n\nAll Expat users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, applications using the Expat library must be restarted for the update to take effect.", "published": "2013-07-12T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68543", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-10-29T13:38:28"}, {"id": "UBUNTU_USN-1527-1.NASL", "type": "nessus", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : expat vulnerabilities (USN-1527-1)", "description": "It was discovered that Expat computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that Expat did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. This issue only affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04 and 11.10. (CVE-2012-1148).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2012-08-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=61485", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-10-29T13:35:49"}, {"id": "DEBIAN_DSA-2525.NASL", "type": "nessus", "title": "Debian DSA-2525-1 : expat - several vulnerabilities", "description": "It was discovered that Expat, a C library to parse XML, is vulnerable to denial of service through hash collisions and a memory leak in pool handling.", "published": "2012-08-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=61441", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-10-29T13:38:23"}, {"id": "SL_20120613_EXPAT_ON_SL5_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : expat on SL5.x, SL6.x i386/x86_64", "description": "Expat is a C library written by James Clark for parsing XML documents.\n\nA denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0876)\n\nA memory leak flaw was found in Expat. If an XML file processed by an application linked against Expat triggered a memory re-allocation failure, Expat failed to free the previously allocated memory. This could cause the application to exit unexpectedly or crash when all available memory is exhausted. (CVE-2012-1148)\n\nAll Expat users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, applications using the Expat library must be restarted for the update to take effect.", "published": "2012-08-01T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=61327", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-10-29T13:42:55"}], "centos": [{"id": "CESA-2012:0731", "type": "centos", "title": "expat security update", "description": "**CentOS Errata and Security Advisory** CESA-2012:0731\n\n\nExpat is a C library written by James Clark for parsing XML documents.\n\nA denial of service flaw was found in the implementation of hash arrays in\nExpat. An attacker could use this flaw to make an application using Expat\nconsume an excessive amount of CPU time by providing a specially-crafted\nXML file that triggers multiple hash function collisions. To mitigate\nthis issue, randomization has been added to the hash function to reduce the\nchance of an attacker successfully causing intentional collisions.\n(CVE-2012-0876)\n\nA memory leak flaw was found in Expat. If an XML file processed by an\napplication linked against Expat triggered a memory re-allocation failure,\nExpat failed to free the previously allocated memory. This could cause the\napplication to exit unexpectedly or crash when all available memory is\nexhausted. (CVE-2012-1148)\n\nAll Expat users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, applications using the Expat library must be restarted for the\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-June/018682.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-June/018685.html\n\n**Affected packages:**\nexpat\nexpat-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0731.html", "published": "2012-06-13T13:07:10", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2012-June/018682.html", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2017-10-03T18:25:02"}], "redhat": [{"id": "RHSA-2012:0731", "type": "redhat", "title": "(RHSA-2012:0731) Moderate: expat security update", "description": "Expat is a C library written by James Clark for parsing XML documents.\n\nA denial of service flaw was found in the implementation of hash arrays in\nExpat. An attacker could use this flaw to make an application using Expat\nconsume an excessive amount of CPU time by providing a specially-crafted\nXML file that triggers multiple hash function collisions. To mitigate\nthis issue, randomization has been added to the hash function to reduce the\nchance of an attacker successfully causing intentional collisions.\n(CVE-2012-0876)\n\nA memory leak flaw was found in Expat. If an XML file processed by an\napplication linked against Expat triggered a memory re-allocation failure,\nExpat failed to free the previously allocated memory. This could cause the\napplication to exit unexpectedly or crash when all available memory is\nexhausted. (CVE-2012-1148)\n\nAll Expat users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, applications using the Expat library must be restarted for the\nupdate to take effect.\n", "published": "2012-06-13T04:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2012:0731", "cvelist": ["CVE-2012-0876", "CVE-2012-1148"], "lastseen": "2018-06-06T18:04:25"}, {"id": "RHSA-2016:2957", "type": "redhat", "title": "(RHSA-2016:2957) Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release", "description": "This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a replacement for JBoss Core Services Apache HTTP Server 2.4.6.\n\nSecurity Fix(es):\n\n* This update fixes several flaws in OpenSSL. (CVE-2014-8176, CVE-2015-0209, CVE-2015-0286, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-3216, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2177, CVE-2016-2178, CVE-2016-2842)\n\n* This update fixes several flaws in libxml2. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)\n\n* This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420, CVE-2016-7141)\n\n* This update fixes two flaws in httpd. (CVE-2014-3523, CVE-2015-3185)\n\n* This update fixes two flaws in mod_cluster. (CVE-2016-4459, CVE-2016-8612)\n\n* A buffer overflow flaw when concatenating virtual host names and URIs was fixed in mod_jk. (CVE-2016-6808)\n\n* A memory leak flaw was fixed in expat. (CVE-2012-1148)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2014-8176, CVE-2015-0286, CVE-2016-2108, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799, and CVE-2016-2842. The CVE-2016-4459 issue was discovered by Robert Bost (Red Hat). Upstream acknowledges Stephen Henson (OpenSSL development team) as the original reporter of CVE-2015-0286; Huzaifa Sidhpurwala (Red Hat), Hanno B\u00f6ck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2105, CVE-2016-2106, CVE-2016-0797, CVE-2016-0799, and CVE-2016-2842; Juraj Somorovsky as the original reporter of CVE-2016-2107; Yuval Yarom (University of Adelaide and NICTA), Daniel Genkin (Technion and Tel Aviv University), and Nadia Heninger (University of Pennsylvania) as the original reporters of CVE-2016-0702; and Adam Langley (Google/BoringSSL) as the original reporter of CVE-2016-0705.\n\nSee the corresponding CVE pages linked to in the References section for more information about each of the flaws listed in this advisory.", "published": "2016-12-16T03:02:12", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:2957", "cvelist": ["CVE-2012-0876", "CVE-2012-1148", "CVE-2014-3523", "CVE-2014-8176", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-3185", "CVE-2015-3194", "CVE-2015-3195", "CVE-2015-3196", "CVE-2015-3216", "CVE-2016-0702", "CVE-2016-0705", "CVE-2016-0797", "CVE-2016-0799", "CVE-2016-1762", "CVE-2016-1833", "CVE-2016-1834", "CVE-2016-1835", "CVE-2016-1836", "CVE-2016-1837", "CVE-2016-1838", "CVE-2016-1839", "CVE-2016-1840", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2842", "CVE-2016-3627", "CVE-2016-3705", "CVE-2016-4447", "CVE-2016-4448", "CVE-2016-4449", "CVE-2016-4459", "CVE-2016-4483", "CVE-2016-5419", "CVE-2016-5420", "CVE-2016-6808", "CVE-2016-7141", "CVE-2016-8612"], "lastseen": "2017-07-26T22:57:25"}, {"id": "RHSA-2016:0062", "type": "redhat", "title": "(RHSA-2016:0062) Moderate: Red Hat JBoss Web Server 2.1.0 security update", "description": "Red Hat JBoss Web Server is a fully integrated and certified set of \ncomponents for hosting Java web applications. It is comprised of the Apache \nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector \n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat \nNative library.\n\nMultiple flaws were found in the way httpd parsed HTTP requests and\nresponses using chunked transfer encoding. A remote attacker could use\nthese flaws to create a specially crafted request, which httpd would decode \ndifferently from an HTTP proxy software in front of it, possibly leading to \nHTTP request smuggling attacks. (CVE-2015-3183)\n\nA denial of service flaw was found in the implementation of hash arrays in \nExpat. An attacker could use this flaw to make an application using Expat \nconsume an excessive amount of CPU time by providing a specially-crafted\nXML file that triggers multiple hash function collisions. To mitigate this\nissue, randomization has been added to the hash function to reduce the\nchance of an attacker successfully causing intentional collisions.\n(CVE-2012-0876)\n\nA flaw was found in the way httpd handled HTTP Trailer headers when \nprocessing requests using chunked encoding. A malicious client could use \nTrailer headers to set additional HTTP headers after header processing was \nperformed by other modules. This could, for example, lead to a bypass of \nheader restrictions defined with mod_headers. (CVE-2013-5704)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat \nCustomer Portal are advised to apply this update. The Red Hat JBoss Web \nServer process must be restarted for the update to take effect.", "published": "2016-01-21T20:45:11", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:0062", "cvelist": ["CVE-2012-0876", "CVE-2013-5704", "CVE-2015-3183"], "lastseen": "2018-02-15T20:03:30"}, {"id": "RHSA-2017:3239", "type": "redhat", "title": "(RHSA-2017:3239) Important: Red Hat JBoss Enterprise Application Platform 6.4.18 security update", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release provides an update to httpd and OpenSSL. The updates are documented in the Release Notes document linked to in the References.\n\nThe httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nThis release of JBoss Enterprise Application Platform 6.4.18 Natives serves as an update to the JBoss Enterprise Application Platform 6.4.16 Natives and includes bug fixes which are documented in the Release Notes document linked to in the References.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 Natives are advised to upgrade to these updated packages.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno B\u00f6ck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es):\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1508880)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1508884)\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1508885)", "published": "2017-11-17T00:09:33", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2017:3239", "cvelist": ["CVE-2009-3560", "CVE-2009-3720", "CVE-2012-0876", "CVE-2016-2183", "CVE-2017-9788", "CVE-2017-9798"], "lastseen": "2018-01-10T09:55:32"}], "oraclelinux": [{"id": "ELSA-2012-0731", "type": "oraclelinux", "title": "expat security update", "description": "[2.0.1-11]\n- use symbol version for XML_SetHashSalt (CVE-2012-0876, #816306)\n[2.0.1-10]\n- add security fix for CVE-2012-1148 (#811825)\n- add security fix for CVE-2012-0876 (#811833)", "published": "2012-06-13T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2012-0731.html", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2016-09-04T11:16:06"}, {"id": "ELSA-2012-0744", "type": "oraclelinux", "title": "python security update", "description": "[2.6.6-29.el6_2.2]\n- if hash randomization is enabled, also enable it within pyexpat\nResolves: CVE-2012-0876\n[2.6.6-29.el6_2.1]\n- distutils.config: create ~/.pypirc securely\nResolves: CVE-2011-4944\n- fix endless loop in SimpleXMLRPCServer upon malformed POST request\nResolves: CVE-2012-0845\n- send encoding in SimpleHTTPServer.list_directory to protect IE7 against\npotential XSS attacks\nResolves: CVE-2011-4940\n- oCERT-2011-003: add -R command-line option and PYTHONHASHSEED environment\nvariable, to provide an opt-in way to protect against denial of service\nattacks due to hash collisions within the dict and set types\nResolves: CVE-2012-1150", "published": "2012-06-18T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2012-0744.html", "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0876", "CVE-2012-0845", "CVE-2011-4940"], "lastseen": "2016-09-04T11:16:01"}, {"id": "ELSA-2012-0745", "type": "oraclelinux", "title": "python security update", "description": "[2.4.3-46.el5_8.2]\n- if hash randomization is enabled, also enable it within pyexpat\nResolves: CVE-2012-0876\n[2.4.3-46.el5_8.1]\n- distutils.commands.register: create ~/.pypirc securely\nResolves: CVE-2011-4944\n- send encoding in SimpleHTTPServer.list_directory to protect IE7 against\npotential XSS attacks\nResolves: CVE-2011-4940\n- oCERT-2011-003: add -R command-line option and PYTHONHASHSEED environment\nvariable, to provide an opt-in way to protect against denial of service\nattacks due to hash collisions within the dict and set types\nResolves: CVE-2012-1150", "published": "2012-06-18T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2012-0745.html", "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0876", "CVE-2011-4940"], "lastseen": "2016-09-04T11:17:02"}], "amazon": [{"id": "ALAS-2012-89", "type": "amazon", "title": "Medium: expat", "description": "**Issue Overview:**\n\nA denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially-crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. ([CVE-2012-0876 __](<https://access.redhat.com/security/cve/CVE-2012-0876>))\n\nA memory leak flaw was found in Expat. If an XML file processed by an application linked against Expat triggered a memory re-allocation failure, Expat failed to free the previously allocated memory. This could cause the application to exit unexpectedly or crash when all available memory is exhausted. ([CVE-2012-1148 __](<https://access.redhat.com/security/cve/CVE-2012-1148>))\n\n \n**Affected Packages:** \n\n\nexpat\n\n \n**Issue Correction:** \nRun _yum update expat_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n expat-devel-2.0.1-11.9.amzn1.i686 \n expat-debuginfo-2.0.1-11.9.amzn1.i686 \n expat-2.0.1-11.9.amzn1.i686 \n \n src: \n expat-2.0.1-11.9.amzn1.src \n \n x86_64: \n expat-devel-2.0.1-11.9.amzn1.x86_64 \n expat-2.0.1-11.9.amzn1.x86_64 \n expat-debuginfo-2.0.1-11.9.amzn1.x86_64 \n \n \n", "published": "2012-06-19T15:59:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://alas.aws.amazon.com/ALAS-2012-89.html", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "lastseen": "2016-09-28T21:04:00"}], "gentoo": [{"id": "GLSA-201209-06", "type": "gentoo", "title": "Expat: Multiple vulnerabilities", "description": "### Background\n\nExpat is a set of XML parsing libraries.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted XML file in an application linked against Expat, possibly resulting in a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Expat users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/expat-2.1.0_beta3\"\n \n\nPackages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages.", "published": "2012-09-24T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/201209-06", "cvelist": ["CVE-2012-1148", "CVE-2012-1147", "CVE-2012-0876", "CVE-2009-3720", "CVE-2009-3560"], "lastseen": "2016-09-06T19:46:31"}], "vmware": [{"id": "VMSA-2012-0016", "type": "vmware", "title": "VMware security updates for vSphere API and ESX Service Console", "description": "a. VMware vSphere API denial of service vulnerability \nThe VMware vSphere API contains a denial of service vulnerability. This issue allows an unauthenticated user to send a maliciously crafted API request and disable the host daemon. Exploitation of the issue would prevent management activities on the host but any virtual machines running on the host would be unaffected. \nVMware would like to thank Sebasti\u00e1n Tello of Core Security Technologies for reporting this issue to us. \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-5703 to this issue. \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. \n\n", "published": "2012-11-15T00:00:00", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:COMPLETE/"}, "href": "https://www.vmware.com/security/advisories/VMSA-2012-0016.html", "cvelist": ["CVE-2012-1148", "CVE-2012-5703", "CVE-2011-4944", "CVE-2012-3817", "CVE-2012-1150", "CVE-2012-0876", "CVE-2012-1667", "CVE-2011-4940", "CVE-2012-0441", "CVE-2012-1033"], "lastseen": "2016-09-04T11:19:40"}], "archlinux": [{"id": "ASA-201606-14", "type": "archlinux", "title": "lib32-expat: multiple issues", "description": "- CVE-2012-6702 (predictable random numbers)\n\nIt was found that when calling XML_Parse ahead of rand(), it causes the\npseudo random generator to generate non-random predictable numbers.\n\n- CVE-2016-5300 (denial of service)\n\nIt was found that original fix for CVE-2012-0876 used too little\nentropy for the hash initialization. This issue can be used to perform\na hash collision based denial of service attack.", "published": "2016-06-13T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html", "cvelist": ["CVE-2016-5300", "CVE-2012-0876", "CVE-2012-6702"], "lastseen": "2016-09-02T18:44:36"}, {"id": "ASA-201606-13", "type": "archlinux", "title": "expat: multiple issues", "description": "- CVE-2012-6702 (predictable random numbers)\n\nIt was found that when calling XML_Parse ahead of rand(), it causes the\npseudo random generator to generate non-random predictable numbers.\n\n- CVE-2016-5300 (denial of service)\n\nIt was found that original fix for CVE-2012-0876 used too little\nentropy for the hash initialization. This issue can be used to perform\na hash collision based denial of service attack.", "published": "2016-06-13T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html", "cvelist": ["CVE-2016-5300", "CVE-2012-0876", "CVE-2012-6702"], "lastseen": "2016-09-02T18:44:43"}], "freebsd": [{"id": "9164F51E-AE20-11E7-A633-009C02A2AB30", "type": "freebsd", "title": "Python 2.7 -- multiple vulnerabilities", "description": "\nPython reports:\n\nMultiple vulnerabilities have been fixed in Python 2.7.14. Please refer to the CVE list for details.\n\n", "published": "2017-08-26T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://vuxml.freebsd.org/freebsd/9164f51e-ae20-11e7-a633-009c02a2ab30.html", "cvelist": ["CVE-2017-9233", "CVE-2016-9063", "CVE-2016-5300", "CVE-2012-0876", "CVE-2016-0718", "CVE-2016-4472"], "lastseen": "2017-10-11T17:54:17"}, {"id": "8719B935-8BAE-41AD-92BA-3C826F651219", "type": "freebsd", "title": "python 2.7 -- multiple vulnerabilities", "description": "\npython release notes:\n\nMultiple vulnerabilities has been fixed in this release. Please refer to the CVE list for details.\n\n", "published": "2018-05-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/8719b935-8bae-41ad-92ba-3c826f651219.html", "cvelist": ["CVE-2017-9233", "CVE-2016-9063", "CVE-2018-1060", "CVE-2012-0876", "CVE-2016-0718", "CVE-2018-1061", "CVE-2016-4472"], "lastseen": "2018-05-06T21:50:22"}], "slackware": [{"id": "SSA-2018-124-01", "type": "slackware", "title": "python", "description": "New python packages are available for Slackware 14.0, 14.1, 14.2, and -current\nto fix security issues.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/python-2.7.15-i586-1_slack14.2.txz: Upgraded.\n Updated to the latest 2.7.x release.\n This fixes some security issues in difflib and poplib (regexes vulnerable\n to denial of service attacks), as well as security issues with the bundled\n expat library.\n For more information, see:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/python-2.7.15-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/python-2.7.15-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/python-2.7.15-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/python-2.7.15-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/python-2.7.15-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/python-2.7.15-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/python-2.7.15-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/python-2.7.15-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n815f18de185a913b37f8a4a5ba209a33 python-2.7.15-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nac2745d0977849cf16ad3b386ad6e706 python-2.7.15-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n96fa93f516bfefae9539d8d5329fe8e1 python-2.7.15-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n5895cf391b0de5746e4c23c5c34dd50f python-2.7.15-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\n82212eec089fe925da83e47d5b829b3e python-2.7.15-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n9ca1bd6126f729067fc507271889643e python-2.7.15-x86_64-1_slack14.2.txz\n\nSlackware -current package:\nfa60bc913282d7992f5cf8b29863a411 d/python-2.7.15-i586-1.txz\n\nSlackware x86_64 -current package:\n0d473b473463c6927a1efaab6e6f601d d/python-2.7.15-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg python-2.7.15-i586-1_slack14.2.txz", "published": "2018-05-04T13:53:50", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.470394", "cvelist": ["CVE-2017-9233", "CVE-2016-9063", "CVE-2016-5300", "CVE-2018-1060", "CVE-2012-0876", "CVE-2016-0718", "CVE-2018-1061", "CVE-2016-4472"], "lastseen": "2018-05-06T21:54:07"}]}}
