{"id": "MANDRIVA_MDVSA-2013-117.NASL", "bulletinFamily": "scanner", "title": "Mandriva Linux Security Advisory : python (MDVSA-2013:117)", "description": "Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user", "published": "2013-04-20T00:00:00", "modified": "2020-02-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/66129", "reporter": "This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0160"], "cvelist": ["CVE-2011-4944", "CVE-2012-0876"], "type": "nessus", "lastseen": "2020-02-01T00:45:03", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"], "cvelist": ["CVE-2011-4944", "CVE-2012-0876"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "description": "Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user", "edition": 12, "enchantments": {"dependencies": {"modified": "2020-01-01T00:18:15", "references": [{"idList": ["USN-1527-1", "USN-1527-2"], "type": "ubuntu"}, {"idList": ["ELSA-2012-0745", "ELSA-2012-0744", "ELSA-2012-0731"], "type": "oraclelinux"}, {"idList": ["ALAS-2012-089"], "type": "amazon"}, {"idList": ["CESA-2012:0731", "CESA-2012:0745"], "type": "centos"}, {"idList": ["MANDRIVA_MDVSA-2012-096.NASL", "DEBIAN_DSA-2525.NASL", "MANDRIVA_MDVSA-2012-097.NASL", "FEDORA_2012-5058.NASL", "UBUNTU_USN-1527-1.NASL", "UBUNTU_USN-1527-2.NASL", "F5_BIGIP_SOL16949.NASL", "ALA_ALAS-2012-89.NASL", "FEDORA_2012-6996.NASL", "FEDORA_2012-4936.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310864308", "OPENVAS:864214", "OPENVAS:1361412562310864214", "OPENVAS:1361412562310105371", "OPENVAS:831685", "OPENVAS:1361412562310831685", "OPENVAS:1361412562310864239", "OPENVAS:864239", "OPENVAS:1361412562310831686", "OPENVAS:864308"], "type": "openvas"}, {"idList": ["RHSA-2012:0745", "RHSA-2012:0731", "RHSA-2016:0062"], "type": "redhat"}, {"idList": ["DEBIAN:DLA-508-1:E525E", "DEBIAN:DSA-2525-1:0551E", "DEBIAN:DSA-3597-1:6D822"], "type": "debian"}, {"idList": ["CVE-2011-4944", "CVE-2012-0876"], "type": "cve"}, {"idList": ["ASA-201606-14", "ASA-201606-13"], "type": "archlinux"}, {"idList": ["SECURITYVULNS:DOC:28232", "SECURITYVULNS:DOC:27867", "SECURITYVULNS:VULN:12304"], "type": "securityvulns"}, {"idList": ["SSV:60008"], "type": "seebug"}, {"idList": ["F5:K16949", "F5:K70938105", "F5:K75910138", "SOL16949", "SOL70938105"], "type": "f5"}]}, "score": {"modified": "2020-01-01T00:18:15", "value": 5.0, "vector": "NONE"}}, "hash": "b88a5812755ac7ce8f004c0685279c4bfa503ca677cae71cd1a8f18d36c53ce2", "hashmap": [{"hash": "741b18e744e3f37108cd8c3f4a1c6ef7", "key": "cvss"}, {"hash": "3d9289c1e61a1ce58e5af9e29589f064", "key": "title"}, {"hash": "7e65c687e4a55d913f47594cbe3cba49", "key": "cvelist"}, {"hash": "d73aaed0077c3ca64fabb7258172a57f", "key": "href"}, {"hash": "165babb4eae3a7324f0312c8d102caf5", "key": "pluginID"}, {"hash": "83dfc08c7f7afa19ea39d7f1f599a179", "key": "cpe"}, {"hash": "10ec6f52a44185e3372792daa57b7b17", "key": "sourceData"}, {"hash": "2249940a684898a70237266de5d6dd6c", "key": "modified"}, {"hash": "e77a44af9a357fd1ae177bbeab71eda7", "key": "references"}, {"hash": "c13165e5295520ca5b0da26f6e31878a", "key": "description"}, {"hash": "f0fc89578f7dd802dc2ed3b849553211", "key": "reporter"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "634d1af54c551c354e3204db0cbbc77a", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/66129", "id": "MANDRIVA_MDVSA-2013-117.NASL", "lastseen": "2020-01-01T00:18:15", "modified": "2020-01-02T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.3", "pluginID": "66129", "published": "2013-04-20T00:00:00", "references": ["https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0160"], "reporter": "This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:117. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66129);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/08/02 13:32:55\");\n\n script_cve_id(\"CVE-2011-4944\");\n script_bugtraq_id(52732);\n script_xref(name:\"MDVSA\", value:\"2013:117\");\n script_xref(name:\"MGASA\", value:\"2012-0170\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2013:117)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories (CVE-2011-4944).\n\nAdditionally, python has been built against the system expat and ffi\nlibraries, to avoid any future issues with those (mitigates\nCVE-2012-0876 for expat).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0160\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.3.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2013:117)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified"], "edition": 12, "lastseen": "2020-01-01T00:18:15"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"], "cvelist": ["CVE-2011-4944"], "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories (CVE-2011-4944).\n\nAdditionally, python has been built against the system expat and ffi libraries, to avoid any future issues with those (mitigates CVE-2012-0876 for expat).", "edition": 6, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "b01273b8af0a822778447fbe2c4a04eb556d48519e14d14d9658c4c2b1dce4dc", "hashmap": [{"hash": "3d9289c1e61a1ce58e5af9e29589f064", "key": "title"}, {"hash": "01d8bd14828933a50e02d5089cf31391", "key": "cvelist"}, {"hash": "7fcf2977b7c2c41c8a2aac416bbc6c97", "key": "cvss"}, {"hash": "165babb4eae3a7324f0312c8d102caf5", "key": "pluginID"}, {"hash": "83dfc08c7f7afa19ea39d7f1f599a179", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0e4da7304285381f16759537beaada44", "key": "modified"}, {"hash": "0fa5637ac1b6c3f240abad8f2b02ffa2", "key": "href"}, {"hash": "bcb3688951db9c8568c95f628fcb6a15", "key": "description"}, {"hash": "e77a44af9a357fd1ae177bbeab71eda7", "key": "references"}, {"hash": "8d2de8c7ecb335343c7dd5bca1c24e83", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "634d1af54c551c354e3204db0cbbc77a", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=66129", "id": "MANDRIVA_MDVSA-2013-117.NASL", "lastseen": "2019-01-03T10:11:13", "modified": "2019-01-02T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.3", "pluginID": "66129", "published": "2013-04-20T00:00:00", "references": ["https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0160"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:117. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66129);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/01/02 16:37:54\");\n\n script_cve_id(\"CVE-2011-4944\");\n script_bugtraq_id(52732);\n script_xref(name:\"MDVSA\", value:\"2013:117\");\n script_xref(name:\"MGASA\", value:\"2012-0170\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2013:117)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories (CVE-2011-4944).\n\nAdditionally, python has been built against the system expat and ffi\nlibraries, to avoid any future issues with those (mitigates\nCVE-2012-0876 for expat).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0160\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.3.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2013:117)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 6, "lastseen": "2019-01-03T10:11:13"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"], "cvelist": ["CVE-2011-4944"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories (CVE-2011-4944).\n\nAdditionally, python has been built against the system expat and ffi libraries, to avoid any future issues with those (mitigates CVE-2012-0876 for expat).", "edition": 4, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "031c92486e84bb0468d602548a4ed33e0a4038881b46725968991cab68c397dc", "hashmap": [{"hash": "3d9289c1e61a1ce58e5af9e29589f064", "key": "title"}, {"hash": "e2914120514a29eeccc01e381df164d8", "key": "modified"}, {"hash": "01d8bd14828933a50e02d5089cf31391", "key": "cvelist"}, {"hash": "165babb4eae3a7324f0312c8d102caf5", "key": "pluginID"}, {"hash": "83dfc08c7f7afa19ea39d7f1f599a179", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0fa5637ac1b6c3f240abad8f2b02ffa2", "key": "href"}, {"hash": "bcb3688951db9c8568c95f628fcb6a15", "key": "description"}, {"hash": "6a6fad4a13a5e3adf908765a016b9ec8", "key": "sourceData"}, {"hash": "e77a44af9a357fd1ae177bbeab71eda7", "key": "references"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "634d1af54c551c354e3204db0cbbc77a", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=66129", "id": "MANDRIVA_MDVSA-2013-117.NASL", "lastseen": "2018-08-30T19:35:05", "modified": "2018-07-19T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.3", "pluginID": "66129", "published": "2013-04-20T00:00:00", "references": ["https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0160"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:117. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66129);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/07/19 20:59:18\");\n\n script_cve_id(\"CVE-2011-4944\");\n script_bugtraq_id(52732);\n script_xref(name:\"MDVSA\", value:\"2013:117\");\n script_xref(name:\"MGASA\", value:\"2012-0170\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2013:117)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories (CVE-2011-4944).\n\nAdditionally, python has been built against the system expat and ffi\nlibraries, to avoid any future issues with those (mitigates\nCVE-2012-0876 for expat).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0160\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.3.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2013:117)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:35:05"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"], "cvelist": ["CVE-2011-4944", "CVE-2012-0876"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "description": "Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user", "edition": 11, "enchantments": {"dependencies": {"modified": "2019-12-13T08:05:50", "references": [{"idList": ["USN-1527-1", "USN-1527-2"], "type": "ubuntu"}, {"idList": ["ELSA-2012-0745", "ELSA-2012-0744", "ELSA-2012-0731"], "type": "oraclelinux"}, {"idList": ["ALAS-2012-089"], "type": "amazon"}, {"idList": ["CESA-2012:0731", "CESA-2012:0745"], "type": "centos"}, {"idList": ["MANDRIVA_MDVSA-2012-096.NASL", "DEBIAN_DSA-2525.NASL", "CENTOS_RHSA-2012-0731.NASL", "MANDRIVA_MDVSA-2012-097.NASL", "FEDORA_2012-5058.NASL", "UBUNTU_USN-1527-1.NASL", "UBUNTU_USN-1527-2.NASL", "ALA_ALAS-2012-89.NASL", "FEDORA_2012-6996.NASL", "FEDORA_2012-4936.NASL"], "type": "nessus"}, {"idList": ["RHSA-2012:0745", "RHSA-2012:0731", "RHSA-2016:0062"], "type": "redhat"}, {"idList": ["DEBIAN:DLA-508-1:E525E", "DEBIAN:DSA-2525-1:0551E", "DEBIAN:DSA-3597-1:6D822"], "type": "debian"}, {"idList": ["CVE-2011-4944", "CVE-2012-0876"], "type": "cve"}, {"idList": ["ASA-201606-14", "ASA-201606-13"], "type": "archlinux"}, {"idList": ["SECURITYVULNS:DOC:28232", "SECURITYVULNS:DOC:27867", "SECURITYVULNS:VULN:12304"], "type": "securityvulns"}, {"idList": ["SSV:60008"], "type": "seebug"}, {"idList": ["F5:K16949", "F5:K70938105", "F5:K75910138", "SOL16949", "SOL70938105"], "type": "f5"}, {"idList": ["OPENVAS:1361412562310864308", "OPENVAS:1361412562310864214", "OPENVAS:1361412562310105371", "OPENVAS:831685", "OPENVAS:1361412562310831685", "OPENVAS:1361412562310864239", "OPENVAS:864239", "OPENVAS:831686", "OPENVAS:1361412562310831686", "OPENVAS:864308"], "type": "openvas"}]}, "score": {"modified": "2019-12-13T08:05:50", "value": 5.0, "vector": "NONE"}}, "hash": "2dfad92614f6bf08e229e65dc823dcb3fce08550476af03ad6d7e426fecca466", "hashmap": [{"hash": "741b18e744e3f37108cd8c3f4a1c6ef7", "key": "cvss"}, {"hash": "3d9289c1e61a1ce58e5af9e29589f064", "key": "title"}, {"hash": "7e65c687e4a55d913f47594cbe3cba49", "key": "cvelist"}, {"hash": "d73aaed0077c3ca64fabb7258172a57f", "key": "href"}, {"hash": "165babb4eae3a7324f0312c8d102caf5", "key": "pluginID"}, {"hash": "83dfc08c7f7afa19ea39d7f1f599a179", "key": "cpe"}, {"hash": "10ec6f52a44185e3372792daa57b7b17", "key": "sourceData"}, {"hash": "e77a44af9a357fd1ae177bbeab71eda7", "key": "references"}, {"hash": "c13165e5295520ca5b0da26f6e31878a", "key": "description"}, {"hash": "f0fc89578f7dd802dc2ed3b849553211", "key": "reporter"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "5a7504dfe859a7ccbaf560628f6442ad", "key": "modified"}, {"hash": "634d1af54c551c354e3204db0cbbc77a", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/66129", "id": "MANDRIVA_MDVSA-2013-117.NASL", "lastseen": "2019-12-13T08:05:50", "modified": "2019-12-02T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.3", "pluginID": "66129", "published": "2013-04-20T00:00:00", "references": ["https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0160"], "reporter": "This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:117. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66129);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/08/02 13:32:55\");\n\n script_cve_id(\"CVE-2011-4944\");\n script_bugtraq_id(52732);\n script_xref(name:\"MDVSA\", value:\"2013:117\");\n script_xref(name:\"MGASA\", value:\"2012-0170\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2013:117)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories (CVE-2011-4944).\n\nAdditionally, python has been built against the system expat and ffi\nlibraries, to avoid any future issues with those (mitigates\nCVE-2012-0876 for expat).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0160\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.3.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2013:117)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified"], "edition": 11, "lastseen": "2019-12-13T08:05:50"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"], "cvelist": ["CVE-2011-4944", "CVE-2012-0876"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "description": "Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user", "edition": 10, "enchantments": {"dependencies": {"modified": "2019-11-01T02:55:14", "references": [{"idList": ["ELSA-2012-0745", "ELSA-2012-0744", "ELSA-2012-0731"], "type": "oraclelinux"}, {"idList": ["ALAS-2012-089"], "type": "amazon"}, {"idList": ["MANDRIVA_MDVSA-2012-096.NASL", "DEBIAN_DSA-2525.NASL", "MANDRIVA_MDVSA-2012-097.NASL", "REDHAT-RHSA-2012-0731.NASL", "FEDORA_2012-5058.NASL", "UBUNTU_USN-1527-1.NASL", "UBUNTU_USN-1527-2.NASL", "ALA_ALAS-2012-89.NASL", "FEDORA_2012-6996.NASL", "FEDORA_2012-4936.NASL"], "type": "nessus"}, {"idList": ["CESA-2012:0731", "CESA-2012:0745"], "type": "centos"}, {"idList": ["USN-1527-1", "USN-1527-2", "USN-1613-1"], "type": "ubuntu"}, {"idList": ["RHSA-2012:0745", "RHSA-2012:0731", "RHSA-2016:0062"], "type": "redhat"}, {"idList": ["DEBIAN:DLA-508-1:E525E", "DEBIAN:DSA-2525-1:0551E", "DEBIAN:DSA-3597-1:6D822"], "type": "debian"}, {"idList": ["CVE-2011-4944", "CVE-2012-0876"], "type": "cve"}, {"idList": ["OPENVAS:1361412562310864308", "OPENVAS:864214", "OPENVAS:1361412562310864214", "OPENVAS:1361412562310105371", "OPENVAS:831685", "OPENVAS:1361412562310831685", "OPENVAS:864239", "OPENVAS:831686", "OPENVAS:1361412562310831686", "OPENVAS:864308"], "type": "openvas"}, {"idList": ["ASA-201606-14", "ASA-201606-13"], "type": "archlinux"}, {"idList": ["SECURITYVULNS:DOC:28232", "SECURITYVULNS:DOC:27867", "SECURITYVULNS:VULN:12304"], "type": "securityvulns"}, {"idList": ["SSV:60008"], "type": "seebug"}, {"idList": ["F5:K16949", "F5:K70938105", "F5:K75910138", "SOL16949", "SOL70938105"], "type": "f5"}]}, "score": {"modified": "2019-11-01T02:55:14", "value": 5.0, "vector": "NONE"}}, "hash": "c74db8961287c8c2012b457567e39a47e4e30e4d7f7b5d7b4d1c926c3bede1d5", "hashmap": [{"hash": "741b18e744e3f37108cd8c3f4a1c6ef7", "key": "cvss"}, {"hash": "3d9289c1e61a1ce58e5af9e29589f064", "key": "title"}, {"hash": "7e65c687e4a55d913f47594cbe3cba49", "key": "cvelist"}, {"hash": "d73aaed0077c3ca64fabb7258172a57f", "key": "href"}, {"hash": "abcf9266f425f12dda38f529cd4a94bc", "key": "modified"}, {"hash": "165babb4eae3a7324f0312c8d102caf5", "key": "pluginID"}, {"hash": "83dfc08c7f7afa19ea39d7f1f599a179", "key": "cpe"}, {"hash": "10ec6f52a44185e3372792daa57b7b17", "key": "sourceData"}, {"hash": "e77a44af9a357fd1ae177bbeab71eda7", "key": "references"}, {"hash": "c13165e5295520ca5b0da26f6e31878a", "key": "description"}, {"hash": "f0fc89578f7dd802dc2ed3b849553211", "key": "reporter"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "634d1af54c551c354e3204db0cbbc77a", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/66129", "id": "MANDRIVA_MDVSA-2013-117.NASL", "lastseen": "2019-11-01T02:55:14", "modified": "2019-11-02T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.3", "pluginID": "66129", "published": "2013-04-20T00:00:00", "references": ["https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0160"], "reporter": "This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:117. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66129);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/08/02 13:32:55\");\n\n script_cve_id(\"CVE-2011-4944\");\n script_bugtraq_id(52732);\n script_xref(name:\"MDVSA\", value:\"2013:117\");\n script_xref(name:\"MGASA\", value:\"2012-0170\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2013:117)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories (CVE-2011-4944).\n\nAdditionally, python has been built against the system expat and ffi\nlibraries, to avoid any future issues with those (mitigates\nCVE-2012-0876 for expat).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0160\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.3.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2013:117)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified"], "edition": 10, "lastseen": "2019-11-01T02:55:14"}], "edition": 13, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "83dfc08c7f7afa19ea39d7f1f599a179"}, {"key": "cvelist", "hash": "7e65c687e4a55d913f47594cbe3cba49"}, {"key": "cvss", "hash": "741b18e744e3f37108cd8c3f4a1c6ef7"}, {"key": "description", "hash": "c13165e5295520ca5b0da26f6e31878a"}, {"key": "href", "hash": "d73aaed0077c3ca64fabb7258172a57f"}, {"key": "modified", "hash": "248ddfee5cc8aa2c1a4fce14baf1e1b1"}, {"key": "naslFamily", "hash": "526837706681051344a466f9e51ac982"}, {"key": "pluginID", "hash": "165babb4eae3a7324f0312c8d102caf5"}, {"key": "published", "hash": "634d1af54c551c354e3204db0cbbc77a"}, {"key": "references", "hash": "e77a44af9a357fd1ae177bbeab71eda7"}, {"key": "reporter", "hash": "f0fc89578f7dd802dc2ed3b849553211"}, {"key": "sourceData", "hash": "10ec6f52a44185e3372792daa57b7b17"}, {"key": "title", "hash": "3d9289c1e61a1ce58e5af9e29589f064"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "23f90f4c64ca991729c3661178a390baaa605e796b1bc135d5d1fc8653d31cb8", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4944", "CVE-2012-0876"]}, {"type": "f5", "idList": ["F5:K16949", "SOL16949", "F5:K75910138", "SOL70938105", "F5:K70938105"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105371", "OPENVAS:831685", "OPENVAS:1361412562310831685", "OPENVAS:864239", "OPENVAS:1361412562310864214", "OPENVAS:864214", "OPENVAS:864308", "OPENVAS:1361412562310864308", "OPENVAS:1361412562310864239", "OPENVAS:1361412562310831686"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0745", "ELSA-2012-0744", "ELSA-2012-0731"]}, {"type": "nessus", "idList": ["MANDRIVA_MDVSA-2012-097.NASL", "MANDRIVA_MDVSA-2012-096.NASL", "FEDORA_2012-4936.NASL", "FEDORA_2012-5058.NASL", "FEDORA_2012-6996.NASL", "ALA_ALAS-2012-89.NASL", "DEBIAN_DSA-2525.NASL", "UBUNTU_USN-1527-1.NASL", "UBUNTU_USN-1527-2.NASL", "F5_BIGIP_SOL70938105.NASL"]}, {"type": "seebug", "idList": ["SSV:60008"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28232", "SECURITYVULNS:DOC:27867", "SECURITYVULNS:VULN:12304"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2525-1:0551E", "DEBIAN:DLA-508-1:E525E", "DEBIAN:DSA-3597-1:6D822"]}, {"type": "amazon", "idList": ["ALAS-2012-089"]}, {"type": "centos", "idList": ["CESA-2012:0731", "CESA-2012:0745"]}, {"type": "redhat", "idList": ["RHSA-2012:0731", "RHSA-2012:0745", "RHSA-2016:0062"]}, {"type": "ubuntu", "idList": ["USN-1527-2", "USN-1527-1", "USN-1613-2"]}, {"type": "archlinux", "idList": ["ASA-201606-14", "ASA-201606-13"]}, {"type": "vmware", "idList": ["VMSA-2012-0016"]}], "modified": "2020-02-01T00:45:03"}, "score": {"value": 5.0, "vector": "NONE", "modified": "2020-02-01T00:45:03"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:117. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66129);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/08/02 13:32:55\");\n\n script_cve_id(\"CVE-2011-4944\");\n script_bugtraq_id(52732);\n script_xref(name:\"MDVSA\", value:\"2013:117\");\n script_xref(name:\"MGASA\", value:\"2012-0170\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2013:117)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories (CVE-2011-4944).\n\nAdditionally, python has been built against the system expat and ffi\nlibraries, to avoid any future issues with those (mitigates\nCVE-2012-0876 for expat).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0160\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.3.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Mandriva Local Security Checks", "pluginID": "66129", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"], "scheme": null}

{"cve": [{"lastseen": "2020-01-22T14:32:37", "bulletinFamily": "NVD", "description": "Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.", "modified": "2019-10-25T11:53:00", "id": "CVE-2011-4944", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4944", "published": "2012-08-27T23:55:00", "title": "CVE-2011-4944", "type": "cve", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:12:20", "bulletinFamily": "NVD", "description": "The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.", "modified": "2018-01-05T02:29:00", "id": "CVE-2012-0876", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0876", "published": "2012-07-03T19:55:00", "title": "CVE-2012-0876", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2017-08-15T01:08:46", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 388737 (BIG-IP) to these vulnerabilities, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H16949 on the **Diagnostics** &gt; **Identified** &gt; **Medium** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP AAM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP AFM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP Analytics | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP APM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP ASM | 11.0.0 - 11.2.1 \n10.1.0 - 10.2.4 | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP Edge Gateway | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 | Medium | xmlparse.c \nBIG-IP GTM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP Link Controller | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP PEM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP PSM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP WebAccelerator | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 | Medium | xmlparse.c \nBIG-IP WOM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 | Medium | xmlparse.c \nARX | None | 6.0.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0 | Not vulnerable | None \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | Not vulnerable | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.0 | Not vulnerable | None \nF5 WebSafe | None | 1.0.0 | Not vulnerable | None \nTraffix SDC | None | 4.0.0 - 4.4.0 | Not vulnerable | None \n \n* **Important**: Certain product versions contain the affected code; however, those product versions do not parse untrusted XML input, and are, therefore, not exploitable.\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nBIG-IP ASM\n\nWhen the BIG-IP ASM system is provisioned, the custom attack signature portion of the Web UI is vulnerable; this situation requires an administrative-level user to interface with the vulnerable component.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "modified": "2017-08-14T23:30:00", "published": "2015-07-11T03:06:00", "href": "https://support.f5.com/csp/article/K16949", "id": "F5:K16949", "type": "f5", "title": "Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:06", "bulletinFamily": "software", "description": "**Important**: *Certain product versions contain the affected code; however, those product versions do not parse untrusted XML input, and are, therefore, not exploitable.\n\nVulnerability Recommended Actions\n\nIf the previous table lists a version in the** Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\n**BIG-IP ASM**\n\nWhen the BIG-IP ASM system is provisioned, the custom attack signature portion of the Web UI is vulnerable; this situation requires an administrative-level user to interface with the vulnerable component.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2016-06-28T00:00:00", "published": "2015-07-10T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/900/sol16949.html", "id": "SOL16949", "title": "SOL16949 - Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-02-22T00:33:56", "bulletinFamily": "software", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "modified": "2018-09-12T00:17:00", "published": "2018-09-12T00:17:00", "id": "F5:K75910138", "href": "https://support.f5.com/csp/article/K75910138", "title": "Python vulnerabilities CVE-2011-1521, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, and CVE-2012-1150", "type": "f5", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2016-11-09T00:09:38", "bulletinFamily": "software", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to SOL21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL9502: BIG-IP hotfix matrix\n * SOL15106: Managing BIG-IQ product hotfixes\n * SOL15113: BIG-IQ hotfix matrix\n * SOL12766: ARX hotfix matrix\n", "modified": "2016-10-26T00:00:00", "published": "2016-10-26T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/70/sol70938105.html", "id": "SOL70938105", "type": "f5", "title": "SOL70938105 - Expat XML library vulnerability CVE-2016-5300", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-02-22T00:34:21", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 617273 (BIG-IP), ID 617964 (BIG-IQ/F5 iWorkflow), ID 618243 (Enterprise Manager), and ID 528541 (ARX) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H624219 on the **Diagnostics** &gt; **Identified** &gt; **Medium** page.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.1 - 11.6.3 \n11.4.0 - 11.5.6 | 14.1.0 \n14.0.0 \n13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | XML parser Expat library \nBIG-IP AAM | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.1 - 11.6.3 \n11.4.0 - 11.5.6 | 14.1.0 \n14.0.0 \n13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 | Medium | XML parser Expat library \nBIG-IP AFM | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.1 - 11.6.3 \n11.4.0 - 11.5.6 | 14.1.0 \n14.0.0 \n13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 | Medium | XML parser Expat library \nBIG-IP Analytics | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.1 - 11.6.3 \n11.4.0 - 11.5.6 | 14.1.0 \n14.0.0 \n13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 \n11.2.1 | Medium | XML parser Expat library \nBIG-IP APM | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.1 - 11.6.3 \n11.4.0 - 11.5.6 | 14.1.0 \n14.0.0 \n13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | XML parser Expat library \nBIG-IP ASM | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.1 - 11.6.3 \n11.4.0 - 11.5.6 | 14.1.0 \n14.0.0 \n13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | XML parser Expat library \nBIG-IP DNS | 13.0.0 \n12.0.0 - 12.1.3 | 14.1.0 \n14.0.0 \n13.1.0 \n13.0.1 \n12.1.3.2 | Medium | XML parser Expat library \nBIG-IP Edge Gateway | None | 11.2.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP GTM | 11.6.1 - 11.6.3 \n11.4.0 - 11.5.6 | 11.6.3.2 \n11.5.7 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | XML parser Expat library \nBIG-IP Link Controller | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.1 - 11.6.3 \n11.4.0 - 11.5.6 | 14.1.0 \n14.0.0 \n13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | XML parser Expat library \nBIG-IP PEM | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.1 - 11.6.3 \n11.4.0 - 11.5.6 | 14.1.0 \n14.0.0 \n13.1.0 \n13.0.1 \n12.1.3.2 \n11.6.3.2 \n11.5.7 | Medium | XML parser Expat library \nBIG-IP PSM | 11.4.0 - 11.4.1 | 10.2.1 - 10.2.4 | Medium | XML parser Expat library \nBIG-IP WebAccelerator | None | 11.2.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP WebSafe | 13.0.0 \n12.0.0 - 12.1.3 \n11.6.0 - 11.6.3 | 14.1.0 \n14.0.0 \n13.1.0 \n13.0.1 \n12.1.3.2 | Medium \n\n \n\n| XML parser Expat library \nARX | 6.2.0 - 6.4.0 | None | Low | XML parser Expat library \nEnterprise Manager | 3.1.1 | None | Medium | XML parser Expat library \nBIG-IQ Cloud | 4.0.0 - 4.5.0 | None | Medium | XML parser Expat library \nBIG-IQ Device | 4.2.0 - 4.5.0 | None | Medium | XML parser Expat library \nBIG-IQ Security | 4.0.0 - 4.5.0 | None | Medium | XML parser Expat library \nBIG-IQ ADC | 4.5.0 | None | Medium | XML parser Expat library \nBIG-IQ Centralized Management | 5.0.0 - 5.4.0 \n4.6.0 | None | Medium | XML parser Expat library \nBIG-IQ Cloud and Orchestration | 1.0.0 | None | Medium | XML parser Expat library \nF5 iWorkflow | 2.0.0 - 2.3.0 | None | Medium | XML parser Expat library \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nTraffix SDC | None | 5.0.0 \n4.0.0 - 4.4.0 | Not vulnerable | None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\n * [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n * [K15106: Managing BIG-IQ product hotfixes](<https://support.f5.com/csp/article/K15106>)\n * [K15113: BIG-IQ hotfix matrix](<https://support.f5.com/csp/article/K15113>)\n * [K12766: ARX hotfix matrix](<https://support.f5.com/csp/article/K12766>)\n", "modified": "2018-12-17T23:12:00", "published": "2016-10-27T01:15:00", "id": "F5:K70938105", "href": "https://support.f5.com/csp/article/K70938105", "title": "Expat XML library vulnerability CVE-2016-5300", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:36:06", "bulletinFamily": "scanner", "description": "The remote host is missing a security patch.", "modified": "2018-10-26T00:00:00", "published": "2015-09-19T00:00:00", "id": "OPENVAS:1361412562310105371", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105371", "title": "F5 BIG-IP - SOL16949 - Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_f5_big_ip_sol16949.nasl 12106 2018-10-26 06:33:36Z cfischer $\n#\n# F5 BIG-IP - SOL16949 - Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/h:f5:big-ip\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105371\");\n script_cve_id(\"CVE-2012-0876\", \"CVE-2012-1148\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 12106 $\");\n\n script_name(\"F5 BIG-IP - SOL16949 - Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148\");\n\n script_xref(name:\"URL\", value:\"https://support.f5.com/kb/en-us/solutions/public/16000/900/sol16949.html\");\n\n script_tag(name:\"impact\", value:\"These vulnerabilities allow context-dependent attackers to cause a denial-of-service (DoS) (CPU and/or memory consumption) by way of XML files.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n script_tag(name:\"summary\", value:\"The remote host is missing a security patch.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 08:33:36 +0200 (Fri, 26 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-19 10:34:51 +0200 (Sat, 19 Sep 2015)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"F5 Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2015 Greenbone Networks GmbH\");\n script_dependencies(\"gb_f5_big_ip_version.nasl\");\n script_require_ports(\"Services/ssh\", 22);\n script_mandatory_keys(\"f5/big_ip/version\", \"f5/big_ip/active_modules\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"f5.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) ) exit( 0 );\n\ncheck_f5['LTM'] = make_array( 'affected', '11.0.0-11.2.1;10.1.0-10.2.4;',\n 'unaffected', '11.3.0-11.6.0;');\n\ncheck_f5['AAM'] = make_array( 'affected', '11.0.0-11.2.1;10.1.0-10.2.4;',\n 'unaffected', '11.3.0-11.6.0;');\n\ncheck_f5['AFM'] = make_array( 'affected', '11.0.0-11.2.1;10.1.0-10.2.4;',\n 'unaffected', '11.3.0-11.6.0;');\n\ncheck_f5['AVR'] = make_array( 'affected', '11.0.0-11.2.1;10.1.0-10.2.4;',\n 'unaffected', '11.3.0-11.6.0;');\n\ncheck_f5['APM'] = make_array( 'affected', '11.0.0-11.2.1;10.1.0-10.2.4;',\n 'unaffected', '11.3.0-11.6.0;');\n\ncheck_f5['ASM'] = make_array( 'affected', '11.0.0-11.2.1;10.1.0-10.2.4;',\n 'unaffected', '11.3.0-11.6.0;');\n\ncheck_f5['GTM'] = make_array( 'affected', '11.0.0-11.2.1;10.1.0-10.2.4;',\n 'unaffected', '11.3.0-11.6.0;');\n\ncheck_f5['LC'] = make_array( 'affected', '11.0.0-11.2.1;10.1.0-10.2.4;',\n 'unaffected', '11.3.0-11.6.0;');\n\ncheck_f5['PEM'] = make_array( 'affected', '11.0.0-11.2.1;10.1.0-10.2.4;',\n 'unaffected', '11.3.0-11.6.0;');\n\ncheck_f5['PSM'] = make_array( 'affected', '11.0.0-11.2.1;10.1.0-10.2.4;',\n 'unaffected', '11.3.0-11.6.0;');\n\ncheck_f5['WAM'] = make_array( 'affected', '11.0.0-11.2.1;10.1.0-10.2.4;',\n 'unaffected', '11.3.0;');\n\ncheck_f5['WOM'] = make_array( 'affected', '11.0.0-11.2.1;10.1.0-10.2.4;',\n 'unaffected', '11.3.0;');\n\nif( report = is_f5_vulnerable( ca:check_f5, version:version ) )\n{\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-02T10:58:06", "bulletinFamily": "scanner", "description": "Check for the Version of python", "modified": "2017-12-28T00:00:00", "published": "2012-06-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=831685", "id": "OPENVAS:831685", "title": "Mandriva Update for python MDVSA-2012:097 (python)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for python MDVSA-2012:097 (python)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been discovered and corrected in python:\n\n The _ssl module would always disable the CBC IV attack countermeasure\n (CVE-2011-3389).\n\n A race condition was found in the way the Python distutils module\n set file permissions during the creation of the .pypirc file. If a\n local user had access to the home directory of another user who is\n running distutils, they could use this flaw to gain access to that\n user&#039;s .pypirc file, which can contain usernames and passwords for\n code repositories (CVE-2011-4944).\n\n A flaw was found in the way the Python SimpleXMLRPCServer module\n handled clients disconnecting prematurely. A remote attacker could\n use this flaw to cause excessive CPU consumption on a server using\n SimpleXMLRPCServer (CVE-2012-0845).\n\n Hash table collisions CPU usage DoS for the embedded copy of expat\n (CVE-2012-0876).\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large\n number of inputs to a Python application (such as HTTP POST request\n parameters sent to a web application) that are used as keys when\n inserting data into an array could trigger multiple hash function\n collisions, making array operations take an excessive amount of\n CPU time. To mitigate this issue, randomization has been added to\n the hash function to reduce the chance of an attacker successfully\n causing intentional collisions (CVE-2012-1150).\n\n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"python on Mandriva Linux 2011.0\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:097\");\n script_id(831685);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:32:48 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2011-3389\", \"CVE-2011-4944\", \"CVE-2012-0845\",\n \"CVE-2012-0876\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2012:097\");\n script_name(\"Mandriva Update for python MDVSA-2012:097 (python)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.7\", rpm:\"libpython2.7~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython-devel\", rpm:\"libpython-devel~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.7\", rpm:\"lib64python2.7~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python-devel\", rpm:\"lib64python-devel~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:16", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-12T00:00:00", "published": "2012-06-22T00:00:00", "id": "OPENVAS:1361412562310831685", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831685", "title": "Mandriva Update for python MDVSA-2012:097 (python)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for python MDVSA-2012:097 (python)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:097\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831685\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:32:48 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2011-3389\", \"CVE-2011-4944\", \"CVE-2012-0845\",\n \"CVE-2012-0876\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:097\");\n script_name(\"Mandriva Update for python MDVSA-2012:097 (python)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_2011\\.0\");\n script_tag(name:\"affected\", value:\"python on Mandriva Linux 2011.0\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been discovered and corrected in python:\n\n The _ssl module would always disable the CBC IV attack countermeasure\n (CVE-2011-3389).\n\n A race condition was found in the way the Python distutils module\n set file permissions during the creation of the .pypirc file. If a\n local user had access to the home directory of another user who is\n running distutils, they could use this flaw to gain access to that\n user's .pypirc file, which can contain usernames and passwords for\n code repositories (CVE-2011-4944).\n\n A flaw was found in the way the Python SimpleXMLRPCServer module\n handled clients disconnecting prematurely. A remote attacker could\n use this flaw to cause excessive CPU consumption on a server using\n SimpleXMLRPCServer (CVE-2012-0845).\n\n Hash table collisions CPU usage DoS for the embedded copy of expat\n (CVE-2012-0876).\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large\n number of inputs to a Python application (such as HTTP POST request\n parameters sent to a web application) that are used as keys when\n inserting data into an array could trigger multiple hash function\n collisions, making array operations take an excessive amount of\n CPU time. To mitigate this issue, randomization has been added to\n the hash function to reduce the chance of an attacker successfully\n causing intentional collisions (CVE-2012-1150).\n\n The updated packages have been patched to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.7\", rpm:\"libpython2.7~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython-devel\", rpm:\"libpython-devel~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.7\", rpm:\"lib64python2.7~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python-devel\", rpm:\"lib64python-devel~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:39", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-08-30T00:00:00", "id": "OPENVAS:1361412562310864308", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864308", "title": "Fedora Update for expat FEDORA-2012-4936", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for expat FEDORA-2012-4936\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078056.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864308\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:02:05 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-0876\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-4936\");\n script_name(\"Fedora Update for expat FEDORA-2012-4936\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'expat'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"expat on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"expat\", rpm:\"expat~2.1.0~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-11T11:06:52", "bulletinFamily": "scanner", "description": "Check for the Version of expat", "modified": "2018-01-09T00:00:00", "published": "2012-08-30T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=864308", "id": "OPENVAS:864308", "title": "Fedora Update for expat FEDORA-2012-4936", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for expat FEDORA-2012-4936\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"expat on Fedora 17\";\ntag_insight = \"This is expat, the C library for parsing XML, written by James Clark. Expat\n is a stream oriented XML parser. This means that you register handlers with\n the parser prior to starting the parse. These handlers are called when the\n parser discovers the associated structures in the document being parsed. A\n start tag is an example of the kind of structures for which you may\n register handlers.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078056.html\");\n script_id(864308);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:02:05 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-0876\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-4936\");\n script_name(\"Fedora Update for expat FEDORA-2012-4936\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of expat\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"expat\", rpm:\"expat~2.1.0~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:54", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-05-17T00:00:00", "id": "OPENVAS:1361412562310864239", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864239", "title": "Fedora Update for expat FEDORA-2012-6996", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for expat FEDORA-2012-6996\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080560.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864239\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-17 10:31:59 +0530 (Thu, 17 May 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0876\");\n script_xref(name:\"FEDORA\", value:\"2012-6996\");\n script_name(\"Fedora Update for expat FEDORA-2012-6996\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'expat'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"expat on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"expat\", rpm:\"expat~2.1.0~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-03T10:58:16", "bulletinFamily": "scanner", "description": "Check for the Version of expat", "modified": "2018-01-03T00:00:00", "published": "2012-05-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=864239", "id": "OPENVAS:864239", "title": "Fedora Update for expat FEDORA-2012-6996", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for expat FEDORA-2012-6996\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"expat on Fedora 15\";\ntag_insight = \"This is expat, the C library for parsing XML, written by James Clark. Expat\n is a stream oriented XML parser. This means that you register handlers with\n the parser prior to starting the parse. These handlers are called when the\n parser discovers the associated structures in the document being parsed. A\n start tag is an example of the kind of structures for which you may\n register handlers.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080560.html\");\n script_id(864239);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-17 10:31:59 +0530 (Thu, 17 May 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0876\");\n script_xref(name: \"FEDORA\", value: \"2012-6996\");\n script_name(\"Fedora Update for expat FEDORA-2012-6996\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of expat\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"expat\", rpm:\"expat~2.1.0~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:49", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-05-04T00:00:00", "id": "OPENVAS:1361412562310864214", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864214", "title": "Fedora Update for expat FEDORA-2012-5058", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for expat FEDORA-2012-5058\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079451.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864214\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-04 10:46:46 +0530 (Fri, 04 May 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0876\");\n script_xref(name:\"FEDORA\", value:\"2012-5058\");\n script_name(\"Fedora Update for expat FEDORA-2012-5058\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'expat'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"expat on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"expat\", rpm:\"expat~2.1.0~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-06T13:06:29", "bulletinFamily": "scanner", "description": "Check for the Version of expat", "modified": "2018-01-05T00:00:00", "published": "2012-05-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=864214", "id": "OPENVAS:864214", "title": "Fedora Update for expat FEDORA-2012-5058", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for expat FEDORA-2012-5058\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"expat on Fedora 16\";\ntag_insight = \"This is expat, the C library for parsing XML, written by James Clark. Expat\n is a stream oriented XML parser. This means that you register handlers with\n the parser prior to starting the parse. These handlers are called when the\n parser discovers the associated structures in the document being parsed. A\n start tag is an example of the kind of structures for which you may\n register handlers.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079451.html\");\n script_id(864214);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-04 10:46:46 +0530 (Fri, 04 May 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2012-0876\");\n script_xref(name: \"FEDORA\", value: \"2012-5058\");\n script_name(\"Fedora Update for expat FEDORA-2012-5058\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of expat\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"expat\", rpm:\"expat~2.1.0~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:10", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-12T00:00:00", "published": "2012-06-22T00:00:00", "id": "OPENVAS:1361412562310831686", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831686", "title": "Mandriva Update for python MDVSA-2012:096 (python)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for python MDVSA-2012:096 (python)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:096\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831686\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:32:57 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2011-3389\", \"CVE-2011-4940\", \"CVE-2011-4944\",\n \"CVE-2012-0845\", \"CVE-2012-0876\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:096\");\n script_name(\"Mandriva Update for python MDVSA-2012:096 (python)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_2010\\.1\");\n script_tag(name:\"affected\", value:\"python on Mandriva Linux 2010.1\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been discovered and corrected in python:\n\n The _ssl module would always disable the CBC IV attack countermeasure\n (CVE-2011-3389).\n\n A flaw was found in the way the Python SimpleHTTPServer module\n generated directory listings. An attacker able to upload a file\n with a specially-crafted name to a server could possibly perform a\n cross-site scripting (XSS) attack against victims visiting a listing\n page generated by SimpleHTTPServer, for a directory containing\n the crafted file (if the victims were using certain web browsers)\n (CVE-2011-4940).\n\n A race condition was found in the way the Python distutils module\n set file permissions during the creation of the .pypirc file. If a\n local user had access to the home directory of another user who is\n running distutils, they could use this flaw to gain access to that\n user's .pypirc file, which can contain usernames and passwords for\n code repositories (CVE-2011-4944).\n\n A flaw was found in the way the Python SimpleXMLRPCServer module\n handled clients disconnecting prematurely. A remote attacker could\n use this flaw to cause excessive CPU consumption on a server using\n SimpleXMLRPCServer (CVE-2012-0845).\n\n Hash table collisions CPU usage DoS for the embedded copy of expat\n (CVE-2012-0876).\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large\n number of inputs to a Python application (such as HTTP POST request\n parameters sent to a web application) that are used as keys when\n inserting data into an array could trigger multiple hash function\n collisions, making array operations take an excessive amount of\n CPU time. To mitigate this issue, randomization has been added to\n the hash function to reduce the chance of an attacker successfully\n causing intentional collisions (CVE-2012-1150).\n\n The updated packages have been patched to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.6\", rpm:\"libpython2.6~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.6-devel\", rpm:\"libpython2.6-devel~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.6\", rpm:\"lib64python2.6~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.6-devel\", rpm:\"lib64python2.6-devel~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:46", "bulletinFamily": "unix", "description": "[2.4.3-46.el5_8.2]\n- if hash randomization is enabled, also enable it within pyexpat\nResolves: CVE-2012-0876\n[2.4.3-46.el5_8.1]\n- distutils.commands.register: create ~/.pypirc securely\nResolves: CVE-2011-4944\n- send encoding in SimpleHTTPServer.list_directory to protect IE7 against\npotential XSS attacks\nResolves: CVE-2011-4940\n- oCERT-2011-003: add -R command-line option and PYTHONHASHSEED environment\nvariable, to provide an opt-in way to protect against denial of service\nattacks due to hash collisions within the dict and set types\nResolves: CVE-2012-1150", "modified": "2012-06-18T00:00:00", "published": "2012-06-18T00:00:00", "id": "ELSA-2012-0745", "href": "http://linux.oracle.com/errata/ELSA-2012-0745.html", "title": "python security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:11", "bulletinFamily": "unix", "description": "[2.6.6-29.el6_2.2]\n- if hash randomization is enabled, also enable it within pyexpat\nResolves: CVE-2012-0876\n[2.6.6-29.el6_2.1]\n- distutils.config: create ~/.pypirc securely\nResolves: CVE-2011-4944\n- fix endless loop in SimpleXMLRPCServer upon malformed POST request\nResolves: CVE-2012-0845\n- send encoding in SimpleHTTPServer.list_directory to protect IE7 against\npotential XSS attacks\nResolves: CVE-2011-4940\n- oCERT-2011-003: add -R command-line option and PYTHONHASHSEED environment\nvariable, to provide an opt-in way to protect against denial of service\nattacks due to hash collisions within the dict and set types\nResolves: CVE-2012-1150", "modified": "2012-06-18T00:00:00", "published": "2012-06-18T00:00:00", "id": "ELSA-2012-0744", "href": "http://linux.oracle.com/errata/ELSA-2012-0744.html", "title": "python security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:25", "bulletinFamily": "unix", "description": "[2.0.1-11]\n- use symbol version for XML_SetHashSalt (CVE-2012-0876, #816306)\n[2.0.1-10]\n- add security fix for CVE-2012-1148 (#811825)\n- add security fix for CVE-2012-0876 (#811833)", "modified": "2012-06-13T00:00:00", "published": "2012-06-13T00:00:00", "id": "ELSA-2012-0731", "href": "http://linux.oracle.com/errata/ELSA-2012-0731.html", "title": "expat security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2020-02-01T00:45:01", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities has been discovered and corrected in python :\n\nThe _ssl module would always disable the CBC IV attack countermeasure\n(CVE-2011-3389).\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user", "modified": "2020-02-02T00:00:00", "id": "MANDRIVA_MDVSA-2012-097.NASL", "href": "https://www.tenable.com/plugins/nessus/61956", "published": "2012-09-06T00:00:00", "title": "Mandriva Linux Security Advisory : python (MDVSA-2012:097)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:097. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(61956);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/08/02 13:32:54\");\n\n script_cve_id(\n \"CVE-2011-3389\",\n \"CVE-2011-4944\",\n \"CVE-2012-0845\",\n \"CVE-2012-0876\",\n \"CVE-2012-1150\"\n );\n script_bugtraq_id(\n 49778,\n 51239,\n 51996,\n 52379,\n 52732\n );\n script_xref(name:\"MDVSA\", value:\"2012:097\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2012:097)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in python :\n\nThe _ssl module would always disable the CBC IV attack countermeasure\n(CVE-2011-3389).\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories (CVE-2011-4944).\n\nA flaw was found in the way the Python SimpleXMLRPCServer module\nhandled clients disconnecting prematurely. A remote attacker could use\nthis flaw to cause excessive CPU consumption on a server using\nSimpleXMLRPCServer (CVE-2012-0845).\n\nHash table collisions CPU usage DoS for the embedded copy of expat\n(CVE-2012-0876).\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions (CVE-2012-1150).\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libpython-devel-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libpython2.7-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"python-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"python-docs-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"tkinter-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"tkinter-apps-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-02-01T07:09:31", "bulletinFamily": "scanner", "description": "This update includes expat 2.1.0, which fixes includes a fix for a\nsecurity issue.\n\nA specially crafted set of keys could trigger hash function\ncollisions, which degrade dictionary performance by changing hash\ntable operations complexity from an expected/average O(1) to the worst\ncase O(n). Reporters were able to find colliding strings efficiently\nusing meet in the middle attack. (CVE-2012-0876)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-02-02T00:00:00", "id": "FEDORA_2012-6996.NASL", "href": "https://www.tenable.com/plugins/nessus/59101", "published": "2012-05-16T00:00:00", "title": "Fedora 15 : expat-2.1.0-1.fc15 (2012-6996)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-6996.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59101);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:53:51 $\");\n\n script_bugtraq_id(52379);\n script_xref(name:\"FEDORA\", value:\"2012-6996\");\n\n script_name(english:\"Fedora 15 : expat-2.1.0-1.fc15 (2012-6996)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes expat 2.1.0, which fixes includes a fix for a\nsecurity issue.\n\nA specially crafted set of keys could trigger hash function\ncollisions, which degrade dictionary performance by changing hash\ntable operations complexity from an expected/average O(1) to the worst\ncase O(n). Reporters were able to find colliding strings efficiently\nusing meet in the middle attack. (CVE-2012-0876)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=806602\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080560.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bf4e8cfc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected expat package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:expat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"expat-2.1.0-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"expat\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-02-01T07:09:30", "bulletinFamily": "scanner", "description": "This update includes expat 2.1.0, which fixes includes a fix for a\nsecurity issue.\n\nA specially crafted set of keys could trigger hash function\ncollisions, which degrade dictionary performance by changing hash\ntable operations complexity from an expected/average O(1) to the worst\ncase O(n). Reporters were able to find colliding strings efficiently\nusing meet in the middle attack. (CVE-2012-0876)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-02-02T00:00:00", "id": "FEDORA_2012-5058.NASL", "href": "https://www.tenable.com/plugins/nessus/58924", "published": "2012-05-01T00:00:00", "title": "Fedora 16 : expat-2.1.0-1.fc16 (2012-5058)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5058.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58924);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:44:21 $\");\n\n script_cve_id(\"CVE-2012-0876\");\n script_bugtraq_id(52379);\n script_xref(name:\"FEDORA\", value:\"2012-5058\");\n\n script_name(english:\"Fedora 16 : expat-2.1.0-1.fc16 (2012-5058)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes expat 2.1.0, which fixes includes a fix for a\nsecurity issue.\n\nA specially crafted set of keys could trigger hash function\ncollisions, which degrade dictionary performance by changing hash\ntable operations complexity from an expected/average O(1) to the worst\ncase O(n). Reporters were able to find colliding strings efficiently\nusing meet in the middle attack. (CVE-2012-0876)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=786617\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/079451.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b4bdca5a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected expat package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:expat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"expat-2.1.0-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"expat\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-02-01T07:09:30", "bulletinFamily": "scanner", "description": "This update includes expat 2.1.0, which fixes includes a fix for a\nsecurity issue.\n\nA specially crafted set of keys could trigger hash function\ncollisions, which degrade dictionary performance by changing hash\ntable operations complexity from an expected/average O(1) to the worst\ncase O(n). Reporters were able to find colliding strings efficiently\nusing meet in the middle attack. (CVE-2012-0876)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-02-02T00:00:00", "id": "FEDORA_2012-4936.NASL", "href": "https://www.tenable.com/plugins/nessus/58709", "published": "2012-04-12T00:00:00", "title": "Fedora 17 : expat-2.1.0-1.fc17 (2012-4936)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-4936.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58709);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:44:21 $\");\n\n script_bugtraq_id(52379);\n script_xref(name:\"FEDORA\", value:\"2012-4936\");\n\n script_name(english:\"Fedora 17 : expat-2.1.0-1.fc17 (2012-4936)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes expat 2.1.0, which fixes includes a fix for a\nsecurity issue.\n\nA specially crafted set of keys could trigger hash function\ncollisions, which degrade dictionary performance by changing hash\ntable operations complexity from an expected/average O(1) to the worst\ncase O(n). Reporters were able to find colliding strings efficiently\nusing meet in the middle attack. (CVE-2012-0876)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=806602\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078056.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b4c229eb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected expat package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:expat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"expat-2.1.0-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"expat\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-02-01T00:45:01", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities has been discovered and corrected in python :\n\nThe _ssl module would always disable the CBC IV attack countermeasure\n(CVE-2011-3389).\n\nA flaw was found in the way the Python SimpleHTTPServer module\ngenerated directory listings. An attacker able to upload a file with a\nspecially crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page\ngenerated by SimpleHTTPServer, for a directory containing the crafted\nfile (if the victims were using certain web browsers) (CVE-2011-4940).\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user", "modified": "2020-02-02T00:00:00", "id": "MANDRIVA_MDVSA-2012-096.NASL", "href": "https://www.tenable.com/plugins/nessus/59635", "published": "2012-06-21T00:00:00", "title": "Mandriva Linux Security Advisory : python (MDVSA-2012:096)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:096. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59635);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/08/02 13:32:54\");\n\n script_cve_id(\n \"CVE-2011-3389\",\n \"CVE-2011-4940\",\n \"CVE-2011-4944\",\n \"CVE-2012-0845\",\n \"CVE-2012-0876\",\n \"CVE-2012-1150\"\n );\n script_bugtraq_id(\n 49778,\n 51239,\n 51996,\n 52379,\n 52732,\n 54083\n );\n script_xref(name:\"MDVSA\", value:\"2012:096\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2012:096)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in python :\n\nThe _ssl module would always disable the CBC IV attack countermeasure\n(CVE-2011-3389).\n\nA flaw was found in the way the Python SimpleHTTPServer module\ngenerated directory listings. An attacker able to upload a file with a\nspecially crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page\ngenerated by SimpleHTTPServer, for a directory containing the crafted\nfile (if the victims were using certain web browsers) (CVE-2011-4940).\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories (CVE-2011-4944).\n\nA flaw was found in the way the Python SimpleXMLRPCServer module\nhandled clients disconnecting prematurely. A remote attacker could use\nthis flaw to cause excessive CPU consumption on a server using\nSimpleXMLRPCServer (CVE-2012-0845).\n\nHash table collisions CPU usage DoS for the embedded copy of expat\n(CVE-2012-0876).\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions (CVE-2012-1150).\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.6-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.6-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64python2.6-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64python2.6-devel-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpython2.6-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpython2.6-devel-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"python-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"python-docs-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"tkinter-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"tkinter-apps-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-02-01T02:38:01", "bulletinFamily": "scanner", "description": "USN-1527-1 fixed vulnerabilities in Expat. This update provides the\ncorresponding updates for XML-RPC for C and C++. Both issues described\nin the original advisory affected XML-RPC for C and C++ in Ubuntu\n10.04 LTS, 11.04, 11.10 and 12.04 LTS.\n\nIt was discovered that Expat computed hash values without restricting\nthe ability to trigger hash collisions predictably. If a user or\napplication linked against Expat were tricked into opening a crafted\nXML file, an attacker could cause a denial of service by consuming\nexcessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that Expat did not properly handle\nmemory reallocation when processing XML files. If a user or\napplication linked against Expat were tricked into opening a\ncrafted XML file, an attacker could cause a denial of\nservice by consuming excessive memory resources. This issue\nonly affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04 and 11.10.\n(CVE-2012-1148).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-02-02T00:00:00", "id": "UBUNTU_USN-1527-2.NASL", "href": "https://www.tenable.com/plugins/nessus/62036", "published": "2012-09-11T00:00:00", "title": "Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : xmlrpc-c vulnerabilities (USN-1527-2)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1527-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62036);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-0876\", \"CVE-2012-1148\");\n script_bugtraq_id(52379);\n script_xref(name:\"USN\", value:\"1527-2\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : xmlrpc-c vulnerabilities (USN-1527-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-1527-1 fixed vulnerabilities in Expat. This update provides the\ncorresponding updates for XML-RPC for C and C++. Both issues described\nin the original advisory affected XML-RPC for C and C++ in Ubuntu\n10.04 LTS, 11.04, 11.10 and 12.04 LTS.\n\nIt was discovered that Expat computed hash values without restricting\nthe ability to trigger hash collisions predictably. If a user or\napplication linked against Expat were tricked into opening a crafted\nXML file, an attacker could cause a denial of service by consuming\nexcessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that Expat did not properly handle\nmemory reallocation when processing XML files. If a user or\napplication linked against Expat were tricked into opening a\ncrafted XML file, an attacker could cause a denial of\nservice by consuming excessive memory resources. This issue\nonly affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04 and 11.10.\n(CVE-2012-1148).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1527-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libxmlrpc-core-c3 and / or libxmlrpc-core-c3-0\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxmlrpc-core-c3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxmlrpc-core-c3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libxmlrpc-core-c3\", pkgver:\"1.06.27-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libxmlrpc-core-c3-0\", pkgver:\"1.16.32-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libxmlrpc-core-c3-0\", pkgver:\"1.16.32-0ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libxmlrpc-core-c3\", pkgver:\"1.16.33-3.1ubuntu5.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxmlrpc-core-c3 / libxmlrpc-core-c3-0\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-02-01T02:38:01", "bulletinFamily": "scanner", "description": "It was discovered that Expat computed hash values without restricting\nthe ability to trigger hash collisions predictably. If a user or\napplication linked against Expat were tricked into opening a crafted\nXML file, an attacker could cause a denial of service by consuming\nexcessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that Expat did not properly handle memory\nreallocation when processing XML files. If a user or application\nlinked against Expat were tricked into opening a crafted XML file, an\nattacker could cause a denial of service by consuming excessive memory\nresources. This issue only affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04\nand 11.10. (CVE-2012-1148).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-02-02T00:00:00", "id": "UBUNTU_USN-1527-1.NASL", "href": "https://www.tenable.com/plugins/nessus/61485", "published": "2012-08-10T00:00:00", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : expat vulnerabilities (USN-1527-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1527-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(61485);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-0876\", \"CVE-2012-1148\");\n script_bugtraq_id(52379);\n script_xref(name:\"USN\", value:\"1527-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : expat vulnerabilities (USN-1527-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Expat computed hash values without restricting\nthe ability to trigger hash collisions predictably. If a user or\napplication linked against Expat were tricked into opening a crafted\nXML file, an attacker could cause a denial of service by consuming\nexcessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that Expat did not properly handle memory\nreallocation when processing XML files. If a user or application\nlinked against Expat were tricked into opening a crafted XML file, an\nattacker could cause a denial of service by consuming excessive memory\nresources. This issue only affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04\nand 11.10. (CVE-2012-1148).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1527-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected lib64expat1, libexpat1 and / or libexpat1-udeb\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib64expat1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexpat1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexpat1-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"lib64expat1\", pkgver:\"2.0.1-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexpat1\", pkgver:\"2.0.1-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libexpat1-udeb\", pkgver:\"2.0.1-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"lib64expat1\", pkgver:\"2.0.1-7ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libexpat1\", pkgver:\"2.0.1-7ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libexpat1-udeb\", pkgver:\"2.0.1-7ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"lib64expat1\", pkgver:\"2.0.1-7ubuntu3.11.04.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libexpat1\", pkgver:\"2.0.1-7ubuntu3.11.04.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libexpat1-udeb\", pkgver:\"2.0.1-7ubuntu3.11.04.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"lib64expat1\", pkgver:\"2.0.1-7ubuntu3.11.10.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libexpat1\", pkgver:\"2.0.1-7ubuntu3.11.10.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libexpat1-udeb\", pkgver:\"2.0.1-7ubuntu3.11.10.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"lib64expat1\", pkgver:\"2.0.1-7.2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libexpat1\", pkgver:\"2.0.1-7.2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libexpat1-udeb\", pkgver:\"2.0.1-7.2ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lib64expat1 / libexpat1 / libexpat1-udeb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-02-01T06:52:46", "bulletinFamily": "scanner", "description": "It was discovered that Expat, a C library to parse XML, is vulnerable\nto denial of service through hash collisions and a memory leak in pool\nhandling.", "modified": "2020-02-02T00:00:00", "id": "DEBIAN_DSA-2525.NASL", "href": "https://www.tenable.com/plugins/nessus/61441", "published": "2012-08-07T00:00:00", "title": "Debian DSA-2525-1 : expat - several vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2525. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(61441);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/10 11:49:35\");\n\n script_cve_id(\"CVE-2012-0876\", \"CVE-2012-1148\");\n script_bugtraq_id(52379);\n script_xref(name:\"DSA\", value:\"2525\");\n\n script_name(english:\"Debian DSA-2525-1 : expat - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Expat, a C library to parse XML, is vulnerable\nto denial of service through hash collisions and a memory leak in pool\nhandling.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/expat\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2525\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the expat packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 2.0.1-7+squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:expat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"expat\", reference:\"2.0.1-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lib64expat1\", reference:\"2.0.1-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lib64expat1-dev\", reference:\"2.0.1-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libexpat1\", reference:\"2.0.1-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libexpat1-dev\", reference:\"2.0.1-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libexpat1-udeb\", reference:\"2.0.1-7+squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-02-01T06:41:56", "bulletinFamily": "scanner", "description": "A denial of service flaw was found in the implementation of hash\narrays in Expat. An attacker could use this flaw to make an\napplication using Expat consume an excessive amount of CPU time by\nproviding a specially crafted XML file that triggers multiple hash\nfunction collisions. To mitigate this issue, randomization has been\nadded to the hash function to reduce the chance of an attacker\nsuccessfully causing intentional collisions. (CVE-2012-0876)\n\nA memory leak flaw was found in Expat. If an XML file processed by an\napplication linked against Expat triggered a memory re-allocation\nfailure, Expat failed to free the previously allocated memory. This\ncould cause the application to exit unexpectedly or crash when all\navailable memory is exhausted. (CVE-2012-1148)", "modified": "2020-02-02T00:00:00", "id": "ALA_ALAS-2012-89.NASL", "href": "https://www.tenable.com/plugins/nessus/69696", "published": "2013-09-04T00:00:00", "title": "Amazon Linux AMI : expat (ALAS-2012-89)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-89.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69696);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-0876\", \"CVE-2012-1148\");\n script_xref(name:\"ALAS\", value:\"2012-89\");\n script_xref(name:\"RHSA\", value:\"2012:0731\");\n\n script_name(english:\"Amazon Linux AMI : expat (ALAS-2012-89)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in the implementation of hash\narrays in Expat. An attacker could use this flaw to make an\napplication using Expat consume an excessive amount of CPU time by\nproviding a specially crafted XML file that triggers multiple hash\nfunction collisions. To mitigate this issue, randomization has been\nadded to the hash function to reduce the chance of an attacker\nsuccessfully causing intentional collisions. (CVE-2012-0876)\n\nA memory leak flaw was found in Expat. If an XML file processed by an\napplication linked against Expat triggered a memory re-allocation\nfailure, Expat failed to free the previously allocated memory. This\ncould cause the application to exit unexpectedly or crash when all\navailable memory is exhausted. (CVE-2012-1148)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-89.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update expat' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:expat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:expat-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:expat-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"expat-2.0.1-11.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"expat-debuginfo-2.0.1-11.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"expat-devel-2.0.1-11.9.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"expat / expat-debuginfo / expat-devel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-02-01T02:13:13", "bulletinFamily": "scanner", "description": "The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The XML parser (xmlparse.c) in expat before 2.1.0\n computes hash values without restricting the ability to\n trigger hash collisions predictably, which allows\n context-dependent attackers to cause a denial of service\n (CPU consumption) via an XML file with many identifiers\n with the same value. (CVE-2012-0876)\n\n - Memory leak in the poolGrow function in\n expat/lib/xmlparse.c in expat before 2.1.0 allows\n context-dependent attackers to cause a denial of service\n (memory consumption) via a large number of crafted XML\n files that cause improperly-handled reallocation\n failures when expanding entities. (CVE-2012-1148)", "modified": "2020-02-02T00:00:00", "id": "SOLARIS11_LIBEXPAT_20120918.NASL", "href": "https://www.tenable.com/plugins/nessus/80669", "published": "2015-01-19T00:00:00", "title": "Oracle Solaris Third-Party Patch Update : libexpat (multiple_resource_management_error_vulnerabilities)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80669);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/15 20:50:24\");\n\n script_cve_id(\"CVE-2012-0876\", \"CVE-2012-1148\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : libexpat (multiple_resource_management_error_vulnerabilities)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The XML parser (xmlparse.c) in expat before 2.1.0\n computes hash values without restricting the ability to\n trigger hash collisions predictably, which allows\n context-dependent attackers to cause a denial of service\n (CPU consumption) via an XML file with many identifiers\n with the same value. (CVE-2012-0876)\n\n - Memory leak in the poolGrow function in\n expat/lib/xmlparse.c in expat before 2.1.0 allows\n context-dependent attackers to cause a denial of service\n (memory consumption) via a large number of crafted XML\n files that cause improperly-handled reallocation\n failures when expanding entities. (CVE-2012-1148)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-resource-management-error-vulnerabilities-in-libexpat\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9df5e276\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11/11 SRU 11.4.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:libexpat\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^libexpat$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libexpat\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.0.11.0.4.1\", sru:\"SRU 11.4\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : libexpat\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"libexpat\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "seebug": [{"lastseen": "2017-11-19T17:54:11", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 52732\r\nCVE ID: CVE-2011-4944\r\n\r\nPython\u662f\u4e00\u79cd\u9762\u5411\u5bf9\u8c61\u3001\u76f4\u8bd1\u5f0f\u8ba1\u7b97\u673a\u7a0b\u5e8f\u8bbe\u8ba1\u8bed\u8a00\uff0c\u4e5f\u662f\u4e00\u79cd\u529f\u80fd\u5f3a\u5927\u7684\u901a\u7528\u578b\u8bed\u8a00\u3002\r\n\r\nPython\u5728distutils\u7ec4\u4ef6\u521b\u5efa.pypirc\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u672c\u5730\u7ade\u4e89\u6761\u4ef6\u6f0f\u6d1e\uff0c\u53ef\u4ee5\u8bbf\u95ee\u53d7\u5bb3\u8005\u4e3b\u76ee\u5f55\u7684\u653b\u51fb\u8005\u901a\u8fc7\u6b64\u6f0f\u6d1e\u53ef\u7ed5\u8fc7\u67d0\u4e9b\u6743\u9650\u9650\u5236\uff0c\u6cc4\u9732\u654f\u611f\u4fe1\u606f\n0\nPython 3.3\r\nPython 3.2\r\nPython 2.7\r\nPython 2.6\r\nPython 2.5.6\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nPython\r\n------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nwww.python.org", "modified": "2012-03-29T00:00:00", "published": "2012-03-29T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60008", "id": "SSV:60008", "type": "seebug", "title": "python 'distutils' Component '~/.pypirc'\u672c\u5730\u7ade\u4e89\u6761\u4ef6\u6f0f\u6d1e", "sourceData": "", "sourceHref": "", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:45", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2012:096-1\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : python\r\n Date : July 2, 2012\r\n Affected: Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been discovered and corrected in python:\r\n \r\n The _ssl module would always disable the CBC IV attack countermeasure\r\n &#40;CVE-2011-3389&#41;.\r\n \r\n A flaw was found in the way the Python SimpleHTTPServer module\r\n generated directory listings. An attacker able to upload a file\r\n with a specially-crafted name to a server could possibly perform a\r\n cross-site scripting &#40;XSS&#41; attack against victims visiting a listing\r\n page generated by SimpleHTTPServer, for a directory containing\r\n the crafted file &#40;if the victims were using certain web browsers&#41;\r\n &#40;CVE-2011-4940&#41;.\r\n \r\n A race condition was found in the way the Python distutils module\r\n set file permissions during the creation of the .pypirc file. If a\r\n local user had access to the home directory of another user who is\r\n running distutils, they could use this flaw to gain access to that\r\n user&#039;s .pypirc file, which can contain usernames and passwords for\r\n code repositories &#40;CVE-2011-4944&#41;.\r\n \r\n A flaw was found in the way the Python SimpleXMLRPCServer module\r\n handled clients disconnecting prematurely. A remote attacker could\r\n use this flaw to cause excessive CPU consumption on a server using\r\n SimpleXMLRPCServer &#40;CVE-2012-0845&#41;.\r\n \r\n Hash table collisions CPU usage DoS for the embedded copy of expat\r\n &#40;CVE-2012-0876&#41;.\r\n \r\n A denial of service flaw was found in the implementation of associative\r\n arrays &#40;dictionaries&#41; in Python. An attacker able to supply a large\r\n number of inputs to a Python application &#40;such as HTTP POST request\r\n parameters sent to a web application&#41; that are used as keys when\r\n inserting data into an array could trigger multiple hash function\r\n collisions, making array operations take an excessive amount of\r\n CPU time. To mitigate this issue, randomization has been added to\r\n the hash function to reduce the chance of an attacker successfully\r\n causing intentional collisions &#40;CVE-2012-1150&#41;.\r\n \r\n The updated packages have been patched to correct these issues.\r\n\r\n Update:\r\n\r\n Packages for Mandriva Enterprise Server 5 is also being provided.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4940\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4944\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Enterprise Server 5:\r\n e18f146e6c8aa316adb5d19a0de2cdef mes5/i586/libpython2.5-2.5.2-5.12mdvmes5.2.i586.rpm\r\n f425a7831028c28f98bac0d95ee532ce mes5/i586/libpython2.5-devel-2.5.2-5.12mdvmes5.2.i586.rpm\r\n 153ff4e78256ec9b0b89f5ecd7ed317c mes5/i586/python-2.5.2-5.12mdvmes5.2.i586.rpm\r\n bbff1780014007b0c95491c74d3dc82b mes5/i586/python-base-2.5.2-5.12mdvmes5.2.i586.rpm\r\n e73ffb5aeff47d2008b0bdb99623579f mes5/i586/python-docs-2.5.2-5.12mdvmes5.2.i586.rpm\r\n af4d7f8f20f7cf7b2beb77dbd06f6992 mes5/i586/tkinter-2.5.2-5.12mdvmes5.2.i586.rpm\r\n 268850f5dd79335c129fa84469d39e20 mes5/i586/tkinter-apps-2.5.2-5.12mdvmes5.2.i586.rpm \r\n 0248488ef4499a61ba9ef31061325f1e mes5/SRPMS/python-2.5.2-5.12mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 6ee32ebb3873a3e01def5984dfa951c7 mes5/x86_64/lib64python2.5-2.5.2-5.12mdvmes5.2.x86_64.rpm\r\n 9e7d5a39d2b224bd9141e6851350e43d mes5/x86_64/lib64python2.5-devel-2.5.2-5.12mdvmes5.2.x86_64.rpm\r\n f798622e3b9f9795c373be0d90008684 mes5/x86_64/python-2.5.2-5.12mdvmes5.2.x86_64.rpm\r\n 916fb7c6e716daaf5269086b9477efcf mes5/x86_64/python-base-2.5.2-5.12mdvmes5.2.x86_64.rpm\r\n 53f14e4e8d6140603acac82004bd12c9 mes5/x86_64/python-docs-2.5.2-5.12mdvmes5.2.x86_64.rpm\r\n ff348190df6007b7d0b043ac153f35dd mes5/x86_64/tkinter-2.5.2-5.12mdvmes5.2.x86_64.rpm\r\n d7f55af87f3e3ea045b556f91c09333b mes5/x86_64/tkinter-apps-2.5.2-5.12mdvmes5.2.x86_64.rpm \r\n 0248488ef4499a61ba9ef31061325f1e mes5/SRPMS/python-2.5.2-5.12mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFP8YuYmqjQ0CJFipgRAl7UAKDy0foAu7Ro4bcYaG/I43WrnoHT7ACfV9t5\r\ny8nHa/VpwqBidhF5DJElWmo=\r\n=AnEb\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2012-07-09T00:00:00", "published": "2012-07-09T00:00:00", "id": "SECURITYVULNS:DOC:28232", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28232", "title": "[ MDVSA-2012:096-1 ] python", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:44", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2012:041\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : expat\r\n Date : March 27, 2012\r\n Affected: 2010.1, 2011., Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A memory leak and a hash table collision flaw in expat could cause\r\n denial os service &#40;DoS&#41; attacks &#40;CVE-2012-0876, CVE-2012-1148&#41;.\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2010.1:\r\n 210b60280a0baf8e08634e0ea6a3bab9 2010.1/i586/expat-2.0.1-12.1mdv2010.2.i586.rpm\r\n 0b657867100b109cbf90a05d2262bec7 2010.1/i586/libexpat1-2.0.1-12.1mdv2010.2.i586.rpm\r\n 0bd180a7b4f4d93df5b74f66e2c85e74 2010.1/i586/libexpat1-devel-2.0.1-12.1mdv2010.2.i586.rpm \r\n 9f063d0589f638e047de6a5266e6ac84 2010.1/SRPMS/expat-2.0.1-12.1mdv2010.2.src.rpm\r\n\r\n Mandriva Linux 2010.1/X86_64:\r\n ced30873d989d1511e828037b4f68d4d 2010.1/x86_64/expat-2.0.1-12.1mdv2010.2.x86_64.rpm\r\n ebd7d687082377e65c818f8ba780b66d 2010.1/x86_64/lib64expat1-2.0.1-12.1mdv2010.2.x86_64.rpm\r\n fd8bef44ccdadeaf14966b44733883fe 2010.1/x86_64/lib64expat1-devel-2.0.1-12.1mdv2010.2.x86_64.rpm \r\n 9f063d0589f638e047de6a5266e6ac84 2010.1/SRPMS/expat-2.0.1-12.1mdv2010.2.src.rpm\r\n\r\n Mandriva Linux 2011:\r\n 6c8bdc44eed2cebf483d4041d57f5eea 2011/i586/expat-2.0.1-15.1-mdv2011.0.i586.rpm\r\n 8211eeb028a563dcbedda7d1726035bb 2011/i586/libexpat1-2.0.1-15.1-mdv2011.0.i586.rpm\r\n c6c9685891ae405ff6181b6899ee10ce 2011/i586/libexpat-devel-2.0.1-15.1-mdv2011.0.i586.rpm\r\n 7afd883dae4a17201128de1485cf949c 2011/i586/libexpat-static-devel-2.0.1-15.1-mdv2011.0.i586.rpm \r\n 4be73538c443ced014373c7e364daac5 2011/SRPMS/expat-2.0.1-15.1.src.rpm\r\n\r\n Mandriva Linux 2011/X86_64:\r\n 7e84ec2183f6ba903779b00f914e3813 2011/x86_64/expat-2.0.1-15.1-mdv2011.0.x86_64.rpm\r\n d7c0853983ce8d2dc2b0b9740924acd7 2011/x86_64/lib64expat1-2.0.1-15.1-mdv2011.0.x86_64.rpm\r\n ecca4f586885b53d2a0ca39a8985f561 2011/x86_64/lib64expat-devel-2.0.1-15.1-mdv2011.0.x86_64.rpm\r\n f87f9aecd51f1f20508dc6f6ad5f02e6 2011/x86_64/lib64expat-static-devel-2.0.1-15.1-mdv2011.0.x86_64.rpm \r\n 4be73538c443ced014373c7e364daac5 2011/SRPMS/expat-2.0.1-15.1.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 9618c2dceec06fcb04655e2adb9f8d9d mes5/i586/expat-2.0.1-7.4mdvmes5.2.i586.rpm\r\n a0b4d2e3b545f6d63cef9476da3cc72f mes5/i586/libexpat1-2.0.1-7.4mdvmes5.2.i586.rpm\r\n 95ec804d1758d0a7628abd42bf3e54e5 mes5/i586/libexpat1-devel-2.0.1-7.4mdvmes5.2.i586.rpm \r\n 01271afe453d63599a6951f7dbc83197 mes5/SRPMS/expat-2.0.1-7.4mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 4781b62e289cae964e8a7c540d2387c9 mes5/x86_64/expat-2.0.1-7.4mdvmes5.2.x86_64.rpm\r\n aee65480dd6cc31f957c3b17771babf6 mes5/x86_64/lib64expat1-2.0.1-7.4mdvmes5.2.x86_64.rpm\r\n ddbc81b65a6969e17900bbbc842cc8e4 mes5/x86_64/lib64expat1-devel-2.0.1-7.4mdvmes5.2.x86_64.rpm \r\n 01271afe453d63599a6951f7dbc83197 mes5/SRPMS/expat-2.0.1-7.4mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFPcd5UmqjQ0CJFipgRAvzjAJ46WPQm7hmP1/gmoLmPmFMdZYcOrQCgq/oR\r\nZVAk5KD7zUd2cFhkef3xvRo=\r\n=EuSi\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2012-04-02T00:00:00", "published": "2012-04-02T00:00:00", "id": "SECURITYVULNS:DOC:27867", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27867", "title": "[ MDVSA-2012:041 ] expat", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:46", "bulletinFamily": "software", "description": "Memory leaks, predictable hash function.", "modified": "2012-04-02T00:00:00", "published": "2012-04-02T00:00:00", "id": "SECURITYVULNS:VULN:12304", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12304", "title": "expat security vulnerability", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "amazon": [{"lastseen": "2019-05-29T17:22:38", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nA denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially-crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. ([CVE-2012-0876 __](<https://access.redhat.com/security/cve/CVE-2012-0876>))\n\nA memory leak flaw was found in Expat. If an XML file processed by an application linked against Expat triggered a memory re-allocation failure, Expat failed to free the previously allocated memory. This could cause the application to exit unexpectedly or crash when all available memory is exhausted. ([CVE-2012-1148 __](<https://access.redhat.com/security/cve/CVE-2012-1148>))\n\n \n**Affected Packages:** \n\n\nexpat\n\n \n**Issue Correction:** \nRun _yum update expat_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n expat-devel-2.0.1-11.9.amzn1.i686 \n expat-debuginfo-2.0.1-11.9.amzn1.i686 \n expat-2.0.1-11.9.amzn1.i686 \n \n src: \n expat-2.0.1-11.9.amzn1.src \n \n x86_64: \n expat-devel-2.0.1-11.9.amzn1.x86_64 \n expat-2.0.1-11.9.amzn1.x86_64 \n expat-debuginfo-2.0.1-11.9.amzn1.x86_64 \n \n \n", "modified": "2014-09-14T16:21:00", "published": "2014-09-14T16:21:00", "id": "ALAS-2012-089", "href": "https://alas.aws.amazon.com/ALAS-2012-89.html", "title": "Medium: expat", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:21:25", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2525-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nAugust 06, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : expat\nVulnerability : several\nProblem type : local\nDebian-specific: no\nCVE ID : CVE-2012-0876 CVE-2012-1148\n\nIt was discovered that Expat, a C library to parse XML, is vulnerable\nto denial of service through hash collisions and a memory leak in\npool handling.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 2.0.1-7+squeeze1.\n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 2.1.0~beta3-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.1.0~beta3-1.\n\nWe recommend that you upgrade your expat packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2012-08-06T20:37:35", "published": "2012-08-06T20:37:35", "id": "DEBIAN:DSA-2525-1:0551E", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00166.html", "title": "[SECURITY] [DSA 2525-1] expat security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-30T02:22:55", "bulletinFamily": "unix", "description": "Package : expat\nVersion : 2.1.0-1+deb7u4\nCVE ID : CVE-2012-6702 CVE-2016-5300\n\n\nTwo related issues have been discovered in Expat, a C library for\nparsing XML.\n\nCVE-2012-6702\n\n This issue was introduced when CVE-2012-0876 was addressed. Stefan\n S\u00f8rensen discovered that the use of the function XML_Parse() seeds\n the random number generator generating repeated outputs for rand()\n calls.\n\nCVE-2016-5300\n\n This is the product of an incomplete solution for CVE-2012-0876. The\n parser poorly seeds the random number generator allowing an\n attacker to cause a denial of service (CPU consumption) via an XML\n file with crafted identifiers.\n\nYou might need to manually restart programs and services using expat\nlibraries.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n2.1.0-1+deb7u4.\n\nWe recommend that you upgrade your expat packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "modified": "2016-06-08T09:29:29", "published": "2016-06-08T09:29:29", "id": "DEBIAN:DLA-508-1:E525E", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201606/msg00009.html", "title": "[SECURITY] [DLA 508-1] expat security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-07-02T14:20:49", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3597-1 security@debian.org\nhttps://www.debian.org/security/ Luciano Bello\nJune 07, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : expat\nCVE ID : CVE-2012-6702 CVE-2016-5300\n\nTwo related issues have been discovered in Expat, a C library for parsing\nXML.\n\nCVE-2012-6702\n\n It was introduced when CVE-2012-0876 was addressed. Stefan S\u00c3\u00b8rensen\n discovered that the use of the function XML_Parse() seeds the random\n number generator generating repeated outputs for rand() calls.\n\nCVE-2016-5300\n\n It is the product of an incomplete solution for CVE-2012-0876. The\n parser poorly seeds the random number generator allowing an\n attacker to cause a denial of service (CPU consumption) via an XML\n file with crafted identifiers.\n\nYou might need to manually restart programs and services using expat\nlibraries.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.1.0-6+deb8u3.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.1.1-3.\n\nWe recommend that you upgrade your expat packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2016-06-07T16:44:54", "published": "2016-06-07T16:44:54", "id": "DEBIAN:DSA-3597-1:6D822", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00175.html", "title": "[SECURITY] [DSA 3597-1] expat security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:28:07", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2012:0731\n\n\nExpat is a C library written by James Clark for parsing XML documents.\n\nA denial of service flaw was found in the implementation of hash arrays in\nExpat. An attacker could use this flaw to make an application using Expat\nconsume an excessive amount of CPU time by providing a specially-crafted\nXML file that triggers multiple hash function collisions. To mitigate\nthis issue, randomization has been added to the hash function to reduce the\nchance of an attacker successfully causing intentional collisions.\n(CVE-2012-0876)\n\nA memory leak flaw was found in Expat. If an XML file processed by an\napplication linked against Expat triggered a memory re-allocation failure,\nExpat failed to free the previously allocated memory. This could cause the\napplication to exit unexpectedly or crash when all available memory is\nexhausted. (CVE-2012-1148)\n\nAll Expat users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, applications using the Expat library must be restarted for the\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-June/030720.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-June/030723.html\n\n**Affected packages:**\nexpat\nexpat-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0731.html", "modified": "2012-06-13T18:29:54", "published": "2012-06-13T17:07:10", "href": "http://lists.centos.org/pipermail/centos-announce/2012-June/030720.html", "id": "CESA-2012:0731", "title": "expat security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:26:43", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2012:0745\n\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nA denial of service flaw was found in the implementation of associative\narrays (dictionaries) in Python. An attacker able to supply a large number\nof inputs to a Python application (such as HTTP POST request parameters\nsent to a web application) that are used as keys when inserting data into\nan array could trigger multiple hash function collisions, making array\noperations take an excessive amount of CPU time. To mitigate this issue,\nrandomization has been added to the hash function to reduce the chance of\nan attacker successfully causing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break\napplications that incorrectly depend on dictionary ordering. To enable the\nprotection, the new \"PYTHONHASHSEED\" environment variable or the Python\ninterpreter's \"-R\" command line option can be used. Refer to the python(1)\nmanual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update, which\nadds hash randomization to the Expat library used by the Python pyexpat\nmodule.\n\nA flaw was found in the way the Python SimpleHTTPServer module generated\ndirectory listings. An attacker able to upload a file with a\nspecially-crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page generated by\nSimpleHTTPServer, for a directory containing the crafted file (if the\nvictims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set file\npermissions during the creation of the .pypirc file. If a local user had\naccess to the home directory of another user who is running distutils, they\ncould use this flaw to gain access to that user's .pypirc file, which can\ncontain usernames and passwords for code repositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\nacknowledges Julian Walde and Alexander Klink as the original reporters of\nCVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-June/030730.html\n\n**Affected packages:**\npython\npython-devel\npython-libs\npython-tools\ntkinter\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0745.html", "modified": "2012-06-18T13:11:45", "published": "2012-06-18T13:11:45", "href": "http://lists.centos.org/pipermail/centos-announce/2012-June/030730.html", "id": "CESA-2012:0745", "title": "python, tkinter security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2019-05-29T17:21:06", "bulletinFamily": "unix", "description": "It was discovered that Expat computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that Expat did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. This issue only affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04 and 11.10. (CVE-2012-1148)", "modified": "2012-08-10T00:00:00", "published": "2012-08-10T00:00:00", "id": "USN-1527-1", "href": "https://usn.ubuntu.com/1527-1/", "title": "Expat vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T17:22:23", "bulletinFamily": "unix", "description": "USN-1527-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for XML-RPC for C and C++. Both issues described in the original advisory affected XML-RPC for C and C++ in Ubuntu 10.04 LTS, 11.04, 11.10 and 12.04 LTS.\n\nOriginal advisory details:\n\nIt was discovered that Expat computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that Expat did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. This issue only affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04 and 11.10. (CVE-2012-1148)", "modified": "2012-09-10T00:00:00", "published": "2012-09-10T00:00:00", "id": "USN-1527-2", "href": "https://usn.ubuntu.com/1527-2/", "title": "XML-RPC for C and C++ vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:33", "bulletinFamily": "unix", "description": "Expat is a C library written by James Clark for parsing XML documents.\n\nA denial of service flaw was found in the implementation of hash arrays in\nExpat. An attacker could use this flaw to make an application using Expat\nconsume an excessive amount of CPU time by providing a specially-crafted\nXML file that triggers multiple hash function collisions. To mitigate\nthis issue, randomization has been added to the hash function to reduce the\nchance of an attacker successfully causing intentional collisions.\n(CVE-2012-0876)\n\nA memory leak flaw was found in Expat. If an XML file processed by an\napplication linked against Expat triggered a memory re-allocation failure,\nExpat failed to free the previously allocated memory. This could cause the\napplication to exit unexpectedly or crash when all available memory is\nexhausted. (CVE-2012-1148)\n\nAll Expat users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, applications using the Expat library must be restarted for the\nupdate to take effect.\n", "modified": "2018-06-06T20:24:37", "published": "2012-06-13T04:00:00", "id": "RHSA-2012:0731", "href": "https://access.redhat.com/errata/RHSA-2012:0731", "type": "redhat", "title": "(RHSA-2012:0731) Moderate: expat security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:44:33", "bulletinFamily": "unix", "description": "Python is an interpreted, interactive, object-oriented programming\nlanguage.\n\nA denial of service flaw was found in the implementation of associative\narrays (dictionaries) in Python. An attacker able to supply a large number\nof inputs to a Python application (such as HTTP POST request parameters\nsent to a web application) that are used as keys when inserting data into\nan array could trigger multiple hash function collisions, making array\noperations take an excessive amount of CPU time. To mitigate this issue,\nrandomization has been added to the hash function to reduce the chance of\nan attacker successfully causing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break\napplications that incorrectly depend on dictionary ordering. To enable the\nprotection, the new \"PYTHONHASHSEED\" environment variable or the Python\ninterpreter's \"-R\" command line option can be used. Refer to the python(1)\nmanual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update, which\nadds hash randomization to the Expat library used by the Python pyexpat\nmodule.\n\nA flaw was found in the way the Python SimpleHTTPServer module generated\ndirectory listings. An attacker able to upload a file with a\nspecially-crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page generated by\nSimpleHTTPServer, for a directory containing the crafted file (if the\nvictims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set file\npermissions during the creation of the .pypirc file. If a local user had\naccess to the home directory of another user who is running distutils, they\ncould use this flaw to gain access to that user's .pypirc file, which can\ncontain usernames and passwords for code repositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\nacknowledges Julian Walde and Alexander Klink as the original reporters of\nCVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\n", "modified": "2017-09-08T12:08:36", "published": "2012-06-18T04:00:00", "id": "RHSA-2012:0745", "href": "https://access.redhat.com/errata/RHSA-2012:0745", "type": "redhat", "title": "(RHSA-2012:0745) Moderate: python security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T14:35:31", "bulletinFamily": "unix", "description": "Red Hat JBoss Web Server is a fully integrated and certified set of \ncomponents for hosting Java web applications. It is comprised of the Apache \nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector \n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat \nNative library.\n\nMultiple flaws were found in the way httpd parsed HTTP requests and\nresponses using chunked transfer encoding. A remote attacker could use\nthese flaws to create a specially crafted request, which httpd would decode \ndifferently from an HTTP proxy software in front of it, possibly leading to \nHTTP request smuggling attacks. (CVE-2015-3183)\n\nA denial of service flaw was found in the implementation of hash arrays in \nExpat. An attacker could use this flaw to make an application using Expat \nconsume an excessive amount of CPU time by providing a specially-crafted\nXML file that triggers multiple hash function collisions. To mitigate this\nissue, randomization has been added to the hash function to reduce the\nchance of an attacker successfully causing intentional collisions.\n(CVE-2012-0876)\n\nA flaw was found in the way httpd handled HTTP Trailer headers when \nprocessing requests using chunked encoding. A malicious client could use \nTrailer headers to set additional HTTP headers after header processing was \nperformed by other modules. This could, for example, lead to a bypass of \nheader restrictions defined with mod_headers. (CVE-2013-5704)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat \nCustomer Portal are advised to apply this update. The Red Hat JBoss Web \nServer process must be restarted for the update to take effect.", "modified": "2018-02-15T23:12:14", "published": "2016-01-21T20:45:11", "id": "RHSA-2016:0062", "href": "https://access.redhat.com/errata/RHSA-2016:0062", "type": "redhat", "title": "(RHSA-2016:0062) Moderate: Red Hat JBoss Web Server 2.1.0 security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:43", "bulletinFamily": "unix", "description": "- CVE-2012-6702 (predictable random numbers)\n\nIt was found that when calling XML_Parse ahead of rand(), it causes the\npseudo random generator to generate non-random predictable numbers.\n\n- CVE-2016-5300 (denial of service)\n\nIt was found that original fix for CVE-2012-0876 used too little\nentropy for the hash initialization. This issue can be used to perform\na hash collision based denial of service attack.", "modified": "2016-06-13T00:00:00", "published": "2016-06-13T00:00:00", "id": "ASA-201606-13", "href": "https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html", "title": "expat: multiple issues", "type": "archlinux", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-02T18:44:36", "bulletinFamily": "unix", "description": "- CVE-2012-6702 (predictable random numbers)\n\nIt was found that when calling XML_Parse ahead of rand(), it causes the\npseudo random generator to generate non-random predictable numbers.\n\n- CVE-2016-5300 (denial of service)\n\nIt was found that original fix for CVE-2012-0876 used too little\nentropy for the hash initialization. This issue can be used to perform\na hash collision based denial of service attack.", "modified": "2016-06-13T00:00:00", "published": "2016-06-13T00:00:00", "id": "ASA-201606-14", "href": "https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html", "title": "lib32-expat: multiple issues", "type": "archlinux", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}