Search...

Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)

2005-07-13T00:00:00

ID SLACKWARE_SSA_2003-141-01.NASL
Type nessus
Reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
Modified 2020-03-02T00:00:00

Description

New EPIC4 packages are available to fix security problems found by Timo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under certain circumstances, a malicious IRC server could cause EPIC4 to crash, or possibly to run arbitrary code as the user running EPIC4. All sites running EPIC4 are advised to upgrade.

                                        
                                            #%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Slackware Security Advisory 2003-141-01. The text 
# itself is copyright (C) Slackware Linux, Inc.
#

include("compat.inc");

if (description)
{
  script_id(18714);
  script_version("1.14");
  script_cvs_date("Date: 2019/10/25 13:36:20");

  script_xref(name:"SSA", value:"2003-141-01");

  script_name(english:"Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)");
  script_summary(english:"Checks for updated package in /var/log/packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Slackware host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"New EPIC4 packages are available to fix security problems found by
Timo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under
certain circumstances, a malicious IRC server could cause EPIC4 to
crash, or possibly to run arbitrary code as the user running EPIC4.
All sites running EPIC4 are advised to upgrade."
  );
  # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.297182
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?ab1e22ac"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected epic4 package.");
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:epic4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:8.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:9.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2003/05/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2005/07/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.");
  script_family(english:"Slackware Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("slackware.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);


flag = 0;
if (slackware_check(osver:"8.1", pkgname:"epic4", pkgver:"1.0.1", pkgarch:"i386", pkgnum:"3")) flag++;

if (slackware_check(osver:"9.0", pkgname:"epic4", pkgver:"1.0.1", pkgarch:"i386", pkgnum:"3")) flag++;


if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:slackware_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"id": "SLACKWARE_SSA_2003-141-01.NASL", "bulletinFamily": "scanner", "title": "Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)", "description": "New EPIC4 packages are available to fix security problems found by\nTimo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under\ncertain circumstances, a malicious IRC server could cause EPIC4 to\ncrash, or possibly to run arbitrary code as the user running EPIC4.\nAll sites running EPIC4 are advised to upgrade.", "published": "2005-07-13T00:00:00", "modified": "2020-03-02T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.tenable.com/plugins/nessus/18714", "reporter": "This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.", "references": ["http://www.nessus.org/u?ab1e22ac"], "cvelist": [], "type": "nessus", "lastseen": "2020-03-17T22:41:38", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:slackware:slackware_linux:8.1", "cpe:/o:slackware:slackware_linux:9.0", "p-cpe:/a:slackware:slackware_linux:epic4"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss3": {}, "description": "New EPIC4 packages are available to fix security problems found by\nTimo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under\ncertain circumstances, a malicious IRC server could cause EPIC4 to\ncrash, or possibly to run arbitrary code as the user running EPIC4.\nAll sites running EPIC4 are advised to upgrade.", "edition": 9, "enchantments": {"dependencies": {"modified": "2020-02-01T06:37:05", "references": [{"idList": ["SSA-2003-141-01", "SSA-2003-141-03"], "type": "slackware"}, {"idList": ["SLACKWARE_SSA_2003-141-06.NASL", "SLACKWARE_SSA_2003-141-02.NASL", "SLACKWARE_SSA_2003-141-04.NASL", "SLACKWARE_SSA_2003-141-05.NASL", "SLACKWARE_SSA_2003-141-03.NASL"], "type": "nessus"}]}, "score": {"modified": "2020-02-01T06:37:05", "value": 0.2, "vector": "NONE"}}, "hash": "3131ae489af0bb82be61260f06aedc21d5b475d83b2dd655db31572d61879907", "hashmap": [{"hash": "79ca93cb0b5fd69a8a5e1d523021dcc4", "key": "href"}, {"hash": "89881b750a83b172e006dfabb40c1894", "key": "references"}, {"hash": "53a321a3dd5fec15174c52abc7dca46a", "key": "pluginID"}, {"hash": "9024ab754ee339f101e22cbcc0c75129", "key": "published"}, {"hash": "973b970525b865eae5982bca1e410f81", "key": "sourceData"}, {"hash": "82097c74cff36f5747c4d143347c45d8", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "248ddfee5cc8aa2c1a4fce14baf1e1b1", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "507c1dcbb71af7a074b2f9898d9bcebb", "key": "reporter"}, {"hash": "5135194ea24c7d9161f1758c7c26fac9", "key": "cpe"}, {"hash": "06d71e9f282a9853a8c93d98b2ef1831", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/18714", "id": "SLACKWARE_SSA_2003-141-01.NASL", "lastseen": "2020-02-01T06:37:05", "modified": "2020-02-02T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.3", "pluginID": "18714", "published": "2005-07-13T00:00:00", "references": ["http://www.nessus.org/u?ab1e22ac"], "reporter": "This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2003-141-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18714);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/10/25 13:36:20\");\n\n script_xref(name:\"SSA\", value:\"2003-141-01\");\n\n script_name(english:\"Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New EPIC4 packages are available to fix security problems found by\nTimo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under\ncertain circumstances, a malicious IRC server could cause EPIC4 to\ncrash, or possibly to run arbitrary code as the user running EPIC4.\nAll sites running EPIC4 are advised to upgrade.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.297182\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ab1e22ac\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected epic4 package.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:epic4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"epic4\", pkgver:\"1.0.1\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"epic4\", pkgver:\"1.0.1\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified"], "edition": 9, "lastseen": "2020-02-01T06:37:05"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:slackware:slackware_linux:8.1", "cpe:/o:slackware:slackware_linux:9.0", "p-cpe:/a:slackware:slackware_linux:epic4"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "New EPIC4 packages are available to fix security problems found by\nTimo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under\ncertain circumstances, a malicious IRC server could cause EPIC4 to\ncrash, or possibly to run arbitrary code as the user running EPIC4.\nAll sites running EPIC4 are advised to upgrade.", "edition": 7, "enchantments": {"dependencies": {"modified": "2019-12-13T06:33:48", "references": [{"idList": ["SSA-2003-141-01", "SSA-2003-141-03"], "type": "slackware"}, {"idList": ["SLACKWARE_SSA_2003-141-06.NASL", "SLACKWARE_SSA_2003-141-02.NASL", "SLACKWARE_SSA_2003-141-04.NASL", "SLACKWARE_SSA_2003-141-05.NASL", "SLACKWARE_SSA_2003-141-03.NASL"], "type": "nessus"}]}, "score": {"modified": "2019-12-13T06:33:48", "value": 0.2, "vector": "NONE"}}, "hash": "3239f887e75926307f65feb9f2c09ed1a67c35c809ad1070091e4c207d10363a", "hashmap": [{"hash": "79ca93cb0b5fd69a8a5e1d523021dcc4", "key": "href"}, {"hash": "89881b750a83b172e006dfabb40c1894", "key": "references"}, {"hash": "53a321a3dd5fec15174c52abc7dca46a", "key": "pluginID"}, {"hash": "9024ab754ee339f101e22cbcc0c75129", "key": "published"}, {"hash": "973b970525b865eae5982bca1e410f81", "key": "sourceData"}, {"hash": "82097c74cff36f5747c4d143347c45d8", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "507c1dcbb71af7a074b2f9898d9bcebb", "key": "reporter"}, {"hash": "5135194ea24c7d9161f1758c7c26fac9", "key": "cpe"}, {"hash": "5a7504dfe859a7ccbaf560628f6442ad", "key": "modified"}, {"hash": "06d71e9f282a9853a8c93d98b2ef1831", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/18714", "id": "SLACKWARE_SSA_2003-141-01.NASL", "lastseen": "2019-12-13T06:33:48", "modified": "2019-12-02T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.3", "pluginID": "18714", "published": "2005-07-13T00:00:00", "references": ["http://www.nessus.org/u?ab1e22ac"], "reporter": "This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2003-141-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18714);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/10/25 13:36:20\");\n\n script_xref(name:\"SSA\", value:\"2003-141-01\");\n\n script_name(english:\"Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New EPIC4 packages are available to fix security problems found by\nTimo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under\ncertain circumstances, a malicious IRC server could cause EPIC4 to\ncrash, or possibly to run arbitrary code as the user running EPIC4.\nAll sites running EPIC4 are advised to upgrade.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.297182\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ab1e22ac\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected epic4 package.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:epic4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"epic4\", pkgver:\"1.0.1\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"epic4\", pkgver:\"1.0.1\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified"], "edition": 7, "lastseen": "2019-12-13T06:33:48"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "New EPIC4 packages are available to fix security problems found by Timo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under certain circumstances, a malicious IRC server could cause EPIC4 to crash, or possibly to run arbitrary code as the user running EPIC4.\nAll sites running EPIC4 are advised to upgrade.", "edition": 1, "enchantments": {}, "hash": "b66b0fbf3d40901e235792494ea05f4bffd88a38c7dfa59d028ce25596430c2a", "hashmap": [{"hash": "89881b750a83b172e006dfabb40c1894", "key": "references"}, {"hash": "53a321a3dd5fec15174c52abc7dca46a", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9024ab754ee339f101e22cbcc0c75129", "key": "published"}, {"hash": "3c1aaf08100b3c1eda7b2a44f2656487", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "845d3e3f87bfbc96cddc1a6bcc026632", "key": "sourceData"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "363c47c52fdc4bbbf7c4b29bdf8fa11b", "key": "href"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "97ea87d6e8ef74740a53e944a5d5c86d", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "06d71e9f282a9853a8c93d98b2ef1831", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18714", "id": "SLACKWARE_SSA_2003-141-01.NASL", "lastseen": "2016-09-26T17:24:49", "modified": "2013-06-01T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.2", "pluginID": "18714", "published": "2005-07-13T00:00:00", "references": ["http://www.nessus.org/u?ab1e22ac"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2003-141-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18714);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2013/06/01 00:36:12 $\");\n\n script_xref(name:\"SSA\", value:\"2003-141-01\");\n\n script_name(english:\"Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New EPIC4 packages are available to fix security problems found by\nTimo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under\ncertain circumstances, a malicious IRC server could cause EPIC4 to\ncrash, or possibly to run arbitrary code as the user running EPIC4.\nAll sites running EPIC4 are advised to upgrade.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.297182\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ab1e22ac\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected epic4 package.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:epic4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"epic4\", pkgver:\"1.0.1\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"epic4\", pkgver:\"1.0.1\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:24:49"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:slackware:slackware_linux:8.1", "cpe:/o:slackware:slackware_linux:9.0", "p-cpe:/a:slackware:slackware_linux:epic4"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "New EPIC4 packages are available to fix security problems found by\nTimo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under\ncertain circumstances, a malicious IRC server could cause EPIC4 to\ncrash, or possibly to run arbitrary code as the user running EPIC4.\nAll sites running EPIC4 are advised to upgrade.", "edition": 8, "enchantments": {"dependencies": {"modified": "2020-01-01T06:34:54", "references": [{"idList": ["SSA-2003-141-01", "SSA-2003-141-03"], "type": "slackware"}, {"idList": ["SLACKWARE_SSA_2003-141-06.NASL", "SLACKWARE_SSA_2003-141-02.NASL", "SLACKWARE_SSA_2003-141-04.NASL", "SLACKWARE_SSA_2003-141-05.NASL", "SLACKWARE_SSA_2003-141-03.NASL"], "type": "nessus"}]}, "score": {"modified": "2020-01-01T06:34:54", "value": 0.2, "vector": "NONE"}}, "hash": "f7f0a51992335d009a6c65d025664a2982da1a4374dcdc94c55dfd075828cc57", "hashmap": [{"hash": "79ca93cb0b5fd69a8a5e1d523021dcc4", "key": "href"}, {"hash": "89881b750a83b172e006dfabb40c1894", "key": "references"}, {"hash": "53a321a3dd5fec15174c52abc7dca46a", "key": "pluginID"}, {"hash": "9024ab754ee339f101e22cbcc0c75129", "key": "published"}, {"hash": "2249940a684898a70237266de5d6dd6c", "key": "modified"}, {"hash": "973b970525b865eae5982bca1e410f81", "key": "sourceData"}, {"hash": "82097c74cff36f5747c4d143347c45d8", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "507c1dcbb71af7a074b2f9898d9bcebb", "key": "reporter"}, {"hash": "5135194ea24c7d9161f1758c7c26fac9", "key": "cpe"}, {"hash": "06d71e9f282a9853a8c93d98b2ef1831", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/18714", "id": "SLACKWARE_SSA_2003-141-01.NASL", "lastseen": "2020-01-01T06:34:54", "modified": "2020-01-02T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.3", "pluginID": "18714", "published": "2005-07-13T00:00:00", "references": ["http://www.nessus.org/u?ab1e22ac"], "reporter": "This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2003-141-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18714);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/10/25 13:36:20\");\n\n script_xref(name:\"SSA\", value:\"2003-141-01\");\n\n script_name(english:\"Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New EPIC4 packages are available to fix security problems found by\nTimo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under\ncertain circumstances, a malicious IRC server could cause EPIC4 to\ncrash, or possibly to run arbitrary code as the user running EPIC4.\nAll sites running EPIC4 are advised to upgrade.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.297182\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ab1e22ac\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected epic4 package.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:epic4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"epic4\", pkgver:\"1.0.1\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"epic4\", pkgver:\"1.0.1\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified"], "edition": 8, "lastseen": "2020-01-01T06:34:54"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:slackware:slackware_linux:8.1", "cpe:/o:slackware:slackware_linux:9.0", "p-cpe:/a:slackware:slackware_linux:epic4"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "New EPIC4 packages are available to fix security problems found by\nTimo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under\ncertain circumstances, a malicious IRC server could cause EPIC4 to\ncrash, or possibly to run arbitrary code as the user running EPIC4.\nAll sites running EPIC4 are advised to upgrade.", "edition": 5, "enchantments": {"dependencies": {"modified": "2019-10-28T19:56:11", "references": [{"idList": ["SSA-2003-141-01", "SSA-2003-141-03"], "type": "slackware"}, {"idList": ["SLACKWARE_SSA_2003-141-06.NASL", "SLACKWARE_SSA_2003-141-02.NASL", "SLACKWARE_SSA_2003-141-04.NASL", "SLACKWARE_SSA_2003-141-05.NASL", "SLACKWARE_SSA_2003-141-03.NASL"], "type": "nessus"}]}, "score": {"modified": "2019-10-28T19:56:11", "value": 0.2, "vector": "NONE"}}, "hash": "eb042cfe007ee7ad08b96d5caaddf1f2bfd359e0500cdf897609f03703733cd6", "hashmap": [{"hash": "79ca93cb0b5fd69a8a5e1d523021dcc4", "key": "href"}, {"hash": "89881b750a83b172e006dfabb40c1894", "key": "references"}, {"hash": "53a321a3dd5fec15174c52abc7dca46a", "key": "pluginID"}, {"hash": "9024ab754ee339f101e22cbcc0c75129", "key": "published"}, {"hash": "973b970525b865eae5982bca1e410f81", "key": "sourceData"}, {"hash": "82097c74cff36f5747c4d143347c45d8", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0bafb6325bcaf483a25404f785191cc5", "key": "modified"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "507c1dcbb71af7a074b2f9898d9bcebb", "key": "reporter"}, {"hash": "5135194ea24c7d9161f1758c7c26fac9", "key": "cpe"}, {"hash": "06d71e9f282a9853a8c93d98b2ef1831", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/18714", "id": "SLACKWARE_SSA_2003-141-01.NASL", "lastseen": "2019-10-28T19:56:11", "modified": "2019-10-02T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.3", "pluginID": "18714", "published": "2005-07-13T00:00:00", "references": ["http://www.nessus.org/u?ab1e22ac"], "reporter": "This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2003-141-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18714);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/10/25 13:36:20\");\n\n script_xref(name:\"SSA\", value:\"2003-141-01\");\n\n script_name(english:\"Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New EPIC4 packages are available to fix security problems found by\nTimo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under\ncertain circumstances, a malicious IRC server could cause EPIC4 to\ncrash, or possibly to run arbitrary code as the user running EPIC4.\nAll sites running EPIC4 are advised to upgrade.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.297182\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ab1e22ac\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected epic4 package.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:epic4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"epic4\", pkgver:\"1.0.1\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"epic4\", pkgver:\"1.0.1\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified"], "edition": 5, "lastseen": "2019-10-28T19:56:11"}], "edition": 10, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "5135194ea24c7d9161f1758c7c26fac9"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "description", "hash": "82097c74cff36f5747c4d143347c45d8"}, {"key": "href", "hash": "79ca93cb0b5fd69a8a5e1d523021dcc4"}, {"key": "modified", "hash": "af24fd3fdacb4d500ae9d1e724743016"}, {"key": "naslFamily", "hash": "43a3ec56ec636b53af6d97a47899295c"}, {"key": "pluginID", "hash": "53a321a3dd5fec15174c52abc7dca46a"}, {"key": "published", "hash": "9024ab754ee339f101e22cbcc0c75129"}, {"key": "references", "hash": "89881b750a83b172e006dfabb40c1894"}, {"key": "reporter", "hash": "507c1dcbb71af7a074b2f9898d9bcebb"}, {"key": "sourceData", "hash": "973b970525b865eae5982bca1e410f81"}, {"key": "title", "hash": "06d71e9f282a9853a8c93d98b2ef1831"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "d73590596c48ebaa14b3dbe17b4838ffbdbbc0ca9feea377d4168a9dde494f4d", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["SLACKWARE_SSA_2003-141-03.NASL", "SLACKWARE_SSA_2003-141-04.NASL", "SLACKWARE_SSA_2003-141-02.NASL", "SLACKWARE_SSA_2003-141-06.NASL", "SLACKWARE_SSA_2003-141-05.NASL"]}, {"type": "slackware", "idList": ["SSA-2003-141-03", "SSA-2003-141-01"]}], "modified": "2020-03-17T22:41:38"}, "score": {"value": 0.2, "vector": "NONE", "modified": "2020-03-17T22:41:38"}, "vulnersScore": 0.2}, "objectVersion": "1.3", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2003-141-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18714);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/10/25 13:36:20\");\n\n script_xref(name:\"SSA\", value:\"2003-141-01\");\n\n script_name(english:\"Slackware 8.1 / 9.0 : EPIC4 security fixes (SSA:2003-141-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New EPIC4 packages are available to fix security problems found by\nTimo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under\ncertain circumstances, a malicious IRC server could cause EPIC4 to\ncrash, or possibly to run arbitrary code as the user running EPIC4.\nAll sites running EPIC4 are advised to upgrade.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.297182\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ab1e22ac\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected epic4 package.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:epic4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"epic4\", pkgver:\"1.0.1\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"epic4\", pkgver:\"1.0.1\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Slackware Local Security Checks", "pluginID": "18714", "cpe": ["cpe:/o:slackware:slackware_linux:8.1", "cpe:/o:slackware:slackware_linux:9.0", "p-cpe:/a:slackware:slackware_linux:epic4"], "scheme": null}

{"nessus": [{"lastseen": "2020-03-17T22:41:38", "bulletinFamily": "scanner", "description": "An integer overflow in the xdrmem_getbytes() function found in the\nglibc library has been fixed. This could allow a remote attacker to\nexecute arbitrary code by exploiting RPC service that use\nxdrmem_getbytes(). None of the default RPC services provided by\nSlackware appear to use this function, but third-party applications\nmay make use of it. We recommend upgrading to these new glibc\npackages.", "modified": "2020-03-02T00:00:00", "id": "SLACKWARE_SSA_2003-141-03.NASL", "href": "https://www.tenable.com/plugins/nessus/37391", "published": "2009-04-23T00:00:00", "title": "Slackware 8.1 / 9.0 : glibc XDR overflow fix (SSA:2003-141-03)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2003-141-03. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37391);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/10/25 13:36:20\");\n\n script_xref(name:\"SSA\", value:\"2003-141-03\");\n\n script_name(english:\"Slackware 8.1 / 9.0 : glibc XDR overflow fix (SSA:2003-141-03)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An integer overflow in the xdrmem_getbytes() function found in the\nglibc library has been fixed. This could allow a remote attacker to\nexecute arbitrary code by exploiting RPC service that use\nxdrmem_getbytes(). None of the default RPC services provided by\nSlackware appear to use this function, but third-party applications\nmay make use of it. We recommend upgrading to these new glibc\npackages.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.424088\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bfafb927\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:glibc-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:glibc-i18n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:glibc-solibs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:glibc-zoneinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"glibc\", pkgver:\"2.2.5\", pkgarch:\"i386\", pkgnum:\"4\")) flag++;\nif (slackware_check(osver:\"8.1\", pkgname:\"glibc-solibs\", pkgver:\"2.2.5\", pkgarch:\"i386\", pkgnum:\"4\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"glibc\", pkgver:\"2.3.1\", pkgarch:\"i386\", pkgnum:\"4\")) flag++;\nif (slackware_check(osver:\"9.0\", pkgname:\"glibc-debug\", pkgver:\"2.3.1\", pkgarch:\"i386\", pkgnum:\"4\")) flag++;\nif (slackware_check(osver:\"9.0\", pkgname:\"glibc-i18n\", pkgver:\"2.3.1\", pkgarch:\"noarch\", pkgnum:\"4\")) flag++;\nif (slackware_check(osver:\"9.0\", pkgname:\"glibc-profile\", pkgver:\"2.3.1\", pkgarch:\"i386\", pkgnum:\"4\")) flag++;\nif (slackware_check(osver:\"9.0\", pkgname:\"glibc-solibs\", pkgver:\"2.3.1\", pkgarch:\"i386\", pkgnum:\"4\")) flag++;\nif (slackware_check(osver:\"9.0\", pkgname:\"glibc-zoneinfo\", pkgver:\"2.3.1\", pkgarch:\"noarch\", pkgnum:\"4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-03-17T22:41:38", "bulletinFamily": "scanner", "description": "New BitchX packages are available to fix security problems found by\nTimo Sirainen. BitchX is an IRC (Internet Relay Chat) client. Under\ncertain circumstances, a malicious IRC server could cause BitchX to\ncrash, or possibly to run arbitrary code as the user running BitchX.\nAll sites running BitchX are advised to upgrade.", "modified": "2020-03-02T00:00:00", "id": "SLACKWARE_SSA_2003-141-02.NASL", "href": "https://www.tenable.com/plugins/nessus/18716", "published": "2005-07-13T00:00:00", "title": "Slackware 8.1 / 9.0 : BitchX security fixes (SSA:2003-141-02)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2003-141-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18716);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/10/25 13:36:20\");\n\n script_xref(name:\"SSA\", value:\"2003-141-02\");\n\n script_name(english:\"Slackware 8.1 / 9.0 : BitchX security fixes (SSA:2003-141-02)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New BitchX packages are available to fix security problems found by\nTimo Sirainen. BitchX is an IRC (Internet Relay Chat) client. Under\ncertain circumstances, a malicious IRC server could cause BitchX to\ncrash, or possibly to run arbitrary code as the user running BitchX.\nAll sites running BitchX are advised to upgrade.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.304790\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dde0ac49\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bitchx package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:bitchx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"bitchx\", pkgver:\"1.0c19\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"bitchx\", pkgver:\"1.0c19\", pkgarch:\"i386\", pkgnum:\"3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-03-17T22:41:38", "bulletinFamily": "scanner", "description": "A key validation bug which results in all user IDs on a given key\nbeing treated with the validity of the most-valid user ID on that key\nhas been fixed with the release of GnuPG 1.2.2. We recommend sites\nusing GnuPG upgrade to this new package.", "modified": "2020-03-02T00:00:00", "id": "SLACKWARE_SSA_2003-141-04.NASL", "href": "https://www.tenable.com/plugins/nessus/18713", "published": "2005-07-13T00:00:00", "title": "Slackware 9.0 : GnuPG key validation fix (SSA:2003-141-04)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2003-141-04. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18713);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/10/25 13:36:20\");\n\n script_xref(name:\"SSA\", value:\"2003-141-04\");\n\n script_name(english:\"Slackware 9.0 : GnuPG key validation fix (SSA:2003-141-04)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A key validation bug which results in all user IDs on a given key\nbeing treated with the validity of the most-valid user ID on that key\nhas been fixed with the release of GnuPG 1.2.2. We recommend sites\nusing GnuPG upgrade to this new package.\"\n );\n # http://lists.gnupg.org/pipermail/gnupg-announce/2003q2/000268.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.gnupg.org/pipermail/gnupg-announce/2003q2/000268.html\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.297133\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eb3d9548\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gnupg package.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.0\", pkgname:\"gnupg\", pkgver:\"1.2.2\", pkgarch:\"i386\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-03-17T22:41:38", "bulletinFamily": "scanner", "description": "An upgraded sysvinit package is available which fixes a problem with\nthe use of quotacheck in /etc/rc.d/rc.M. The original version of rc.M\ncalls quotacheck like this: echo ", "modified": "2020-03-02T00:00:00", "id": "SLACKWARE_SSA_2003-141-06.NASL", "href": "https://www.tenable.com/plugins/nessus/18720", "published": "2005-07-13T00:00:00", "title": "Slackware 9.0 : quotacheck security fix in rc.M (SSA:2003-141-06)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2003-141-06. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18720);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/10/25 13:36:20\");\n\n script_xref(name:\"SSA\", value:\"2003-141-06\");\n\n script_name(english:\"Slackware 9.0 : quotacheck security fix in rc.M (SSA:2003-141-06)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An upgraded sysvinit package is available which fixes a problem with\nthe use of quotacheck in /etc/rc.d/rc.M. The original version of rc.M\ncalls quotacheck like this: echo 'Checking filesystem quotas:\n/sbin/quotacheck -avugM' /sbin/quotacheck -avugM The 'M' option is\nwrong. This causes the filesystem to be remounted, and in the process\nany mount flags such as nosuid, nodev, noexec, and the like, will be\nreset. The correct option to use here is 'm', which does not attempt\nto remount the partition: echo 'Checking filesystem quotas:\n/sbin/quotacheck -avugm' /sbin/quotacheck -avugm We recommend sites\nusing file system quotas upgrade to this new package, or edit\n/etc/rc.d/rc.M accordingly.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.359465\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bb5f6293\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.340559\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d7efd86b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sysvinit package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.0\", pkgname:\"sysvinit\", pkgver:\"2.84\", pkgarch:\"i386\", pkgnum:\"26\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-03-17T22:41:38", "bulletinFamily": "scanner", "description": "An upgrade for mod_ssl to version 2.8.14_1.3.27 is now available.\nThis version provides RSA blinding by default which prevents an\nextended timing analysis from revealing details of the secret key to\nan attacker. Note that this problem was already fixed within OpenSSL,\nso this is a ", "modified": "2020-03-02T00:00:00", "id": "SLACKWARE_SSA_2003-141-05.NASL", "href": "https://www.tenable.com/plugins/nessus/18715", "published": "2005-07-13T00:00:00", "title": "Slackware 9.0 : mod_ssl RSA blinding fixes (SSA:2003-141-05)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2003-141-05. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18715);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/10/25 13:36:20\");\n\n script_xref(name:\"SSA\", value:\"2003-141-05\");\n\n script_name(english:\"Slackware 9.0 : mod_ssl RSA blinding fixes (SSA:2003-141-05)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An upgrade for mod_ssl to version 2.8.14_1.3.27 is now available.\nThis version provides RSA blinding by default which prevents an\nextended timing analysis from revealing details of the secret key to\nan attacker. Note that this problem was already fixed within OpenSSL,\nso this is a 'double fix'. With this package, mod_ssl is secured even\nif OpenSSL is not. We recommend sites using mod_ssl upgrade to this\nnew package.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.301438\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4ce4cb0b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_ssl package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.0\", pkgname:\"mod_ssl\", pkgver:\"2.8.14_1.3.27\", pkgarch:\"i386\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "slackware": [{"lastseen": "2018-02-02T18:11:33", "bulletinFamily": "unix", "description": "An integer overflow in the xdrmem_getbytes() function found in the glibc\nlibrary has been fixed. This could allow a remote attacker to execute\narbitrary code by exploiting RPC service that use xdrmem_getbytes(). None of\nthe default RPC services provided by Slackware appear to use this function,\nbut third-party applications may make use of it.\n\nWe recommend upgrading to these new glibc packages.\n\n\nHere are the details from the Slackware 9.0 ChangeLog:\n\nTue May 20 20:13:09 PDT 2003\npatches/packages/glibc-2.3.1-i386-4.tgz: Patched, recompiled.\n (* Security fix *)\npatches/packages/glibc-debug-2.3.1-i386-4.tgz: Patched, recompiled.\n (* Security fix *)\npatches/packages/glibc-i18n-2.3.1-noarch-4.tgz: Rebuilt.\npatches/packages/glibc-profile-2.3.1-i386-4.tgz: Patched, recompiled.\n (* Security fix *)\npatches/packages/glibc-solibs-2.3.1-i386-4.tgz: Patched a buffer overflow in\n some dead code (xdrmem_getbytes(), which we couldn't find used by anything,\n but it doesn't hurt to patch it anyway)\n (* Security fix *)\npatches/packages/glibc-zoneinfo-2.3.1-noarch-4.tgz: Rebuilt.\n\nWHERE TO FIND THE NEW PACKAGES:\n\nUpdated packages for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/glibc-2.2.5-i386-4.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/glibc-solibs-2.2.5-i386-4.tgz\n\nUpdated packages for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/glibc-2.3.1-i386-4.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/glibc-debug-2.3.1-i386-4.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/glibc-i18n-2.3.1-noarch-4.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/glibc-profile-2.3.1-i386-4.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/glibc-solibs-2.3.1-i386-4.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/glibc-zoneinfo-2.3.1-noarch-4.tgz\n\n\n\nMD5 SIGNATURES:\n\nSlackware 8.1 packages:\nae235701abcccdc726789c9af5a0eb7b glibc-2.2.5-i386-4.tgz\n83714476158d8f93a1f597bfdc6945e7 glibc-solibs-2.2.5-i386-4.tgz\n\nSlackware 9.0 packages:\n98fb90ce972b42bf5731bc71a722832a glibc-2.3.1-i386-4.tgz\n9f2c944389f25dfe1c1dcb13210d9dc4 glibc-debug-2.3.1-i386-4.tgz\nfa9fe934fe1dde4c134021e39aadaf7e glibc-i18n-2.3.1-noarch-4.tgz\n1b264af8e047fa9378169bb4f8a9836f glibc-profile-2.3.1-i386-4.tgz\n7c31f7602c54262c1e3ae16e59f8e0d6 glibc-solibs-2.3.1-i386-4.tgz\n35b89aa808f4e7c8424f50eab73d824a glibc-zoneinfo-2.3.1-noarch-4.tgz\n\n\n\nINSTALLATION INSTRUCTIONS:\n\nUpgrade using upgradepkg (as root):\n\nupgradepkg glibc-*.tgz", "modified": "2003-05-21T20:31:08", "published": "2003-05-21T20:31:08", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.424088", "id": "SSA-2003-141-03", "title": "glibc XDR overflow fix", "type": "slackware", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-02-02T18:11:38", "bulletinFamily": "unix", "description": "New EPIC4 packages are available to fix security problems found\nby Timo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client.\nUnder certain circumstances, a malicious IRC server could cause\nEPIC4 to crash, or possibly to run arbitrary code as the user\nrunning EPIC4.\n\nAll sites running EPIC4 are advised to upgrade.\n\nMore information on the problem can be found here:\n\nHere are the details from the Slackware 9.0 ChangeLog:\n\nTue May 20 20:13:09 PDT 2003\npatches/packages/epic4-1.0.1-i386-3.tgz: Patched a buffer overflow in ctcp.c.\n (* Security fix *)\n\nWHERE TO FIND THE NEW PACKAGES:\n\nUpdated package for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/epic4-1.0.1-i386-3.tgz\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/epic4-1.0.1-i386-3.tgz\n\n\n\nMD5 SIGNATURES:\n\nSlackware 8.1 package:\n4593af7c875770e1eadbb00b39b1de7a epic4-1.0.1-i386-3.tgz\n\nSlackware 9.0 package:\n9b3a389255484d9a2ff7ea0e8caacbc4 epic4-1.0.1-i386-3.tgz\n\n\n\nINSTALLATION INSTRUCTIONS:\n\nUpgrade using upgradepkg (as root):\n\nupgradepkg epic4-1.0.1-i386-3.tgz", "modified": "2003-05-21T20:24:19", "published": "2003-05-21T20:24:19", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.297182", "id": "SSA-2003-141-01", "type": "slackware", "title": "EPIC4 security fixes", "cvss": {"score": 0.0, "vector": "NONE"}}]}