Security Updates for Microsoft Visual Studio Products (February 2021)

2021-02-11T00:00:00

Description

The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-1639) - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-1721)

{"id": "SMB_NT_MS21_FEB_VISUAL_STUDIO.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Security Updates for Microsoft Visual Studio Products (February 2021)", "description": "The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-1639)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-1721)", "published": "2021-02-11T00:00:00", "modified": "2022-06-27T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://www.tenable.com/plugins/nessus/146426", "reporter": "This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?36441616", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1721", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1639", "http://www.nessus.org/u?e76766af", "http://www.nessus.org/u?9a39d8e5", "http://www.nessus.org/u?d4ce25eb"], "cvelist": ["CVE-2021-1639", "CVE-2021-1721"], "immutableFields": [], "lastseen": "2023-01-11T14:42:29", "viewCount": 38, "enchantments": {"dependencies": {"references": [{"type": "altlinux", "idList": ["4F76504CCAFE6E562C9FB2636660CFA5", "6472C55C9EA040D617C019CD79C3E2CB", "A79ABD32554168DE45BD55276F34348A", "BAFE231A4347F94C33202F64C1366389", "DDFD2EC40E6FE92AFF08650EE35A70ED"]}, {"type": "archlinux", "idList": ["ASA-202103-16", "ASA-202103-17"]}, {"type": "cve", "idList": ["CVE-2021-1639", "CVE-2021-1721"]}, {"type": "fedora", "idList": ["FEDORA:37DD030946F6", "FEDORA:66FF230BA179", "FEDORA:72CCD30934AA", "FEDORA:AD6B030BBFB2"]}, {"type": "github", "idList": ["GHSA-3GP9-H8HW-PXPW"]}, {"type": "kaspersky", "idList": ["KLA12073"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:3C358DDA439A247A9677866AFE8FA961"]}, {"type": "mscve", "idList": ["MS:CVE-2021-1639", "MS:CVE-2021-1721"]}, {"type": "nessus", "idList": ["FEDORA_2021-48CA39B6AD.NASL", "FEDORA_2021-56E894D5CA.NASL", "FEDORA_2021-B881EE9839.NASL", "FEDORA_2021-C3D7FC8949.NASL", "MACOSX_MS21_FEB_DOTNET_CORE.NASL", "MACOS_MS21_JUN_DOTNET_CORE.NASL", "MICROSOFT_VISUAL_STUDIO_CODE_1_53_1.NASL", "ORACLELINUX_ELSA-2021-0471.NASL", "ORACLELINUX_ELSA-2021-0474.NASL", "ORACLELINUX_ELSA-2021-0476.NASL", "REDHAT-RHSA-2021-0470.NASL", "REDHAT-RHSA-2021-0471.NASL", "REDHAT-RHSA-2021-0472.NASL", "REDHAT-RHSA-2021-0473.NASL", "REDHAT-RHSA-2021-0474.NASL", "REDHAT-RHSA-2021-0476.NASL", "SMB_NT_MS21_FEB_ASPDOTNET_CORE.NASL", "SMB_NT_MS21_FEB_DOTNET_CORE.NASL", "SMB_NT_MS21_FEB_DOTNET_CORE_SDK.NASL", "SMB_NT_MS21_JUN_DOTNET_CORE.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-0471", "ELSA-2021-0474", "ELSA-2021-0476"]}, {"type": "osv", "idList": ["OSV:GHSA-3GP9-H8HW-PXPW"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:44EA89871AFF6881B909B9FD0E07034F"]}, {"type": "redhat", "idList": ["RHSA-2021:0470", "RHSA-2021:0471", "RHSA-2021:0472", "RHSA-2021:0473", "RHSA-2021:0474", "RHSA-2021:0476"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-1721"]}, {"type": "threatpost", "idList": ["THREATPOST:1502920D4F50B0D128077B515815C023"]}]}, "score": {"value": 0.6, "vector": "NONE"}, "backreferences": {"references": [{"type": "archlinux", "idList": ["ASA-202103-16", "ASA-202103-17"]}, {"type": "cve", "idList": ["CVE-2021-1639", "CVE-2021-1721"]}, {"type": "fedora", "idList": ["FEDORA:37DD030946F6", "FEDORA:66FF230BA179", "FEDORA:72CCD30934AA", "FEDORA:AD6B030BBFB2"]}, {"type": "kaspersky", "idList": ["KLA12073"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:3C358DDA439A247A9677866AFE8FA961"]}, {"type": "mscve", "idList": ["MS:CVE-2021-1639", "MS:CVE-2021-1721"]}, {"type": "nessus", "idList": ["FEDORA_2021-48CA39B6AD.NASL", "FEDORA_2021-56E894D5CA.NASL", "FEDORA_2021-B881EE9839.NASL", "FEDORA_2021-C3D7FC8949.NASL", "MACOSX_MS21_FEB_DOTNET_CORE.NASL", "MICROSOFT_VISUAL_STUDIO_CODE_1_53_1.NASL", "ORACLELINUX_ELSA-2021-0471.NASL", "ORACLELINUX_ELSA-2021-0474.NASL", "ORACLELINUX_ELSA-2021-0476.NASL", "REDHAT-RHSA-2021-0470.NASL", "REDHAT-RHSA-2021-0471.NASL", "REDHAT-RHSA-2021-0472.NASL", "REDHAT-RHSA-2021-0473.NASL", "REDHAT-RHSA-2021-0474.NASL", "REDHAT-RHSA-2021-0476.NASL", "SMB_NT_MS21_FEB_ASPDOTNET_CORE.NASL", "SMB_NT_MS21_FEB_DOTNET_CORE.NASL", "SMB_NT_MS21_FEB_DOTNET_CORE_SDK.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813197"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-0471", "ELSA-2021-0474", "ELSA-2021-0476"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:44EA89871AFF6881B909B9FD0E07034F"]}, {"type": "redhat", "idList": ["RHSA-2021:0476"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-1721"]}, {"type": "threatpost", "idList": ["THREATPOST:1502920D4F50B0D128077B515815C023"]}]}, "exploitation": null, "vulnersScore": 0.6}, "_state": {"dependencies": 1673456498, "score": 1673457891}, "_internal": {"score_hash": "6b5a417fb0dc6ca26243e02209ff313d"}, "pluginID": "146426", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146426);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/27\");\n\n script_cve_id(\"CVE-2021-1639\", \"CVE-2021-1721\");\n script_xref(name:\"IAVA\", value:\"2021-A-0074-S\");\n\n script_name(english:\"Security Updates for Microsoft Visual Studio Products (February 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Visual Studio Products are affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-1639)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-1721)\");\n # https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes#15.9.32\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?36441616\");\n # https://docs.microsoft.com/en-us/visualstudio/releases/2019/release-notes-v16.4#16.4.18\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9a39d8e5\");\n # https://docs.microsoft.com/en-us/visualstudio/releases/2019/release-notes-v16.7#16.7.11\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e76766af\");\n # https://docs.microsoft.com/en-us/visualstudio/releases/2019/release-notes#16.8.5\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d4ce25eb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue:\n - Update 15.9.32 for Visual Studio 2017\n - Update 16.4.18 for Visual Studio 2019\n - Update 16.7.11 for Visual Studio 2019\n - Update 16.8.5 for Visual Studio 2019\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1639\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:visual_studio\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ms_bulletin_checks_possible.nasl\", \"microsoft_visual_studio_installed.nbin\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\", \"installed_sw/Microsoft Visual Studio\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('install_func.inc');\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\n\nget_kb_item_or_exit('installed_sw/Microsoft Visual Studio');\n\nport = kb_smb_transport();\nappname = 'Microsoft Visual Studio';\ninstalls = get_installs(app_name:appname, exit_if_not_found:TRUE);\nreport = '';\n\nforeach install (installs[1])\n{\n version = install['version'];\n path = install['path'];\n prod = install['product_version'];\n fix = '';\n\n # https://docs.microsoft.com/en-us/visualstudio/install/visual-studio-build-numbers-and-release-dates?view=vs-2017\n #\n # VS 2017\n if (prod == '2017')\n {\n fix = '15.9.28307.1382';\n\n if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n }\n }\n # https://docs.microsoft.com/en-us/visualstudio/install/visual-studio-build-numbers-and-release-dates?view=vs-2019\n #\n # VS 2019 Version 16.4\n else if (prod == '2019' && version =~ \"^16\\.[0-4]\\.\")\n {\n fix = '16.4.30928.142';\n if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n }\n }\n # VS 2019 Version 16.7\n else if (prod == '2019' && version =~ \"^16\\.[5-7]\\.\")\n {\n fix = '16.7.30928.143';\n if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n }\n }\n # VS 2019 Version 16.8\n else if (prod == '2019' && version =~ \"^16\\.8\\.\")\n {\n fix = '16.8.31005.135';\n if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n }\n }\n}\n\nhotfix_check_fversion_end();\n\nif (empty(report))\n audit(AUDIT_INST_VER_NOT_VULN, appname);\n\nsecurity_report_v4(port:port, severity:SECURITY_WARNING, extra:report);\n", "naslFamily": "Windows : Microsoft Bulletins", "cpe": ["cpe:/a:microsoft:visual_studio"], "solution": "Microsoft has released the following security updates to address this issue:\n - Update 15.9.32 for Visual Studio 2017\n - Update 16.4.18 for Visual Studio 2019\n - Update 16.7.11 for Visual Studio 2019\n - Update 16.8.5 for Visual Studio 2019", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2021-1639", "vendor_cvss2": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "vendor_cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "vpr": {"risk factor": "High", "score": "7.4"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-02-09T00:00:00", "vulnerabilityPublicationDate": "2021-02-09T00:00:00", "exploitableWith": []}

{"nessus": [{"lastseen": "2023-01-11T14:43:44", "description": "An arbitrary code execution vulnerability exists in Microsoft Visual Studio Code. An unauthenticated, local attacker can exploit this by persuading a victim to open specially-crafted content which could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-02-12T00:00:00", "type": "nessus", "title": "Security Update for Microsoft Visual Studio Code (Feb 2021)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1639"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:microsoft:visual_studio_code"], "id": "MICROSOFT_VISUAL_STUDIO_CODE_1_53_1.NASL", "href": "https://www.tenable.com/plugins/nessus/146449", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146449);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2021-1639\");\n script_xref(name:\"IAVA\", value:\"2021-A-0077-S\");\n\n script_name(english:\"Security Update for Microsoft Visual Studio Code (Feb 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an application installed that is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An arbitrary code execution vulnerability exists in Microsoft Visual Studio Code. An unauthenticated, local attacker can\nexploit this by persuading a victim to open specially-crafted content which could exploit this vulnerability to execute\narbitrary code on the system with privileges of the victim.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1639\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?60804795\");\n script_set_attribute(attribute:\"see_also\", value:\"https://code.visualstudio.com/updates/v1_53\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade Visual Studio Code to 1.53.1 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1639\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:visual_studio_code\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"os_fingerprint.nasl\", \"microsoft_visual_studio_code_installed.nbin\", \"microsoft_visual_studio_code_win_user_installed.nbin\", \"microsoft_visual_studio_code_linux_installed.nbin\", \"macosx_microsoft_visual_studio_code_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Visual Studio Code\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nos = get_kb_item_or_exit(\"Host/OS\");\nif (tolower(os) =~ 'windows')\n{\n get_kb_item_or_exit('SMB/Registry/Enumerated');\n app_info = vcf::get_app_info(app:'Microsoft Visual Studio Code', win_local:TRUE);\n}\nelse if (tolower(os) =~ 'linux|mac os')\n{\n get_kb_item_or_exit('Host/local_checks_enabled');\n app_info = vcf::get_app_info(app:'Visual Studio Code');\n}\nelse\n{\n audit(AUDIT_OS_NOT,'affected');\n}\n\nconstraints = [\n { 'min_version':'0.0', 'fixed_version' : '1.53.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-24T14:41:44", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0472 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-10T00:00:00", "type": "nessus", "title": "RHEL 7 : .NET Core 3.1 on Red Hat Enterprise Linux (RHSA-2021:0472)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-aspnetcore-runtime-3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-aspnetcore-targeting-pack-3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-apphost-pack-3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-host", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-hostfxr-3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-runtime-3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-sdk-3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-targeting-pack-3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-templates-3.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-netstandard-targeting-pack-2.1"], "id": "REDHAT-RHSA-2021-0472.NASL", "href": "https://www.tenable.com/plugins/nessus/146382", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:0472. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146382);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2021-1721\");\n script_xref(name:\"RHSA\", value:\"2021:0472\");\n script_xref(name:\"IAVA\", value:\"2021-A-0091-S\");\n\n script_name(english:\"RHEL 7 : .NET Core 3.1 on Red Hat Enterprise Linux (RHSA-2021:0472)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:0472 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1721\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0472\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1926918\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(674);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-aspnetcore-runtime-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-aspnetcore-targeting-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-apphost-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-hostfxr-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-runtime-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-sdk-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-targeting-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-dotnet-templates-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet31-netstandard-targeting-pack-2.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/dotnet/1/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/dotnet/1/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/dotnet/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/dotnet/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/dotnet/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/dotnet/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/dotnet/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/dotnet/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/dotnet/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-dotnet31-aspnetcore-runtime-3.1-3.1.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet31'},\n {'reference':'rh-dotnet31-aspnetcore-targeting-pack-3.1-3.1.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet31'},\n {'reference':'rh-dotnet31-dotnet-3.1.112-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet31'},\n {'reference':'rh-dotnet31-dotnet-apphost-pack-3.1-3.1.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet31'},\n {'reference':'rh-dotnet31-dotnet-host-3.1.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet31'},\n {'reference':'rh-dotnet31-dotnet-hostfxr-3.1-3.1.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet31'},\n {'reference':'rh-dotnet31-dotnet-runtime-3.1-3.1.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet31'},\n {'reference':'rh-dotnet31-dotnet-sdk-3.1-3.1.112-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet31'},\n {'reference':'rh-dotnet31-dotnet-targeting-pack-3.1-3.1.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet31'},\n {'reference':'rh-dotnet31-dotnet-templates-3.1-3.1.112-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet31'},\n {'reference':'rh-dotnet31-netstandard-targeting-pack-2.1-3.1.112-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet31'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-dotnet31-aspnetcore-runtime-3.1 / etc');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-24T14:41:46", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0473 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-10T00:00:00", "type": "nessus", "title": "RHEL 7 : .NET 5.0 on Red Hat Enterprise Linux (RHSA-2021:0473)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-aspnetcore-runtime-5.0", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-aspnetcore-targeting-pack-5.0", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-apphost-pack-5.0", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-host", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-hostfxr-5.0", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-runtime-5.0", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-sdk-5.0", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-targeting-pack-5.0", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-templates-5.0", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-netstandard-targeting-pack-2.1"], "id": "REDHAT-RHSA-2021-0473.NASL", "href": "https://www.tenable.com/plugins/nessus/146380", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:0473. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146380);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2021-1721\");\n script_xref(name:\"RHSA\", value:\"2021:0473\");\n script_xref(name:\"IAVA\", value:\"2021-A-0091-S\");\n\n script_name(english:\"RHEL 7 : .NET 5.0 on Red Hat Enterprise Linux (RHSA-2021:0473)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:0473 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1721\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0473\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1926918\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(674);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-aspnetcore-runtime-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-aspnetcore-targeting-pack-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-apphost-pack-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-hostfxr-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-runtime-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-sdk-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-targeting-pack-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-dotnet-templates-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet50-netstandard-targeting-pack-2.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/dotnet/1/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/dotnet/1/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/dotnet/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/dotnet/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/dotnet/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/dotnet/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/dotnet/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/dotnet/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/dotnet/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-dotnet50-aspnetcore-runtime-5.0-5.0.3-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet50'},\n {'reference':'rh-dotnet50-aspnetcore-targeting-pack-5.0-5.0.3-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet50'},\n {'reference':'rh-dotnet50-dotnet-5.0.103-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet50'},\n {'reference':'rh-dotnet50-dotnet-apphost-pack-5.0-5.0.3-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet50'},\n {'reference':'rh-dotnet50-dotnet-host-5.0.3-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet50'},\n {'reference':'rh-dotnet50-dotnet-hostfxr-5.0-5.0.3-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet50'},\n {'reference':'rh-dotnet50-dotnet-runtime-5.0-5.0.3-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet50'},\n {'reference':'rh-dotnet50-dotnet-sdk-5.0-5.0.103-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet50'},\n {'reference':'rh-dotnet50-dotnet-targeting-pack-5.0-5.0.3-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet50'},\n {'reference':'rh-dotnet50-dotnet-templates-5.0-5.0.103-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet50'},\n {'reference':'rh-dotnet50-netstandard-targeting-pack-2.1-5.0.103-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet50'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-dotnet50-aspnetcore-runtime-5.0 / etc');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-24T14:41:52", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0470 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-10T00:00:00", "type": "nessus", "title": "RHEL 7 : .NET Core 2.1 on Red Hat Enterprise Linux (RHSA-2021:0470)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-host", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-runtime-2.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-sdk-2.1", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-sdk-2.1.5xx", "p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-runtime"], "id": "REDHAT-RHSA-2021-0470.NASL", "href": "https://www.tenable.com/plugins/nessus/146379", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:0470. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146379);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2021-1721\");\n script_xref(name:\"RHSA\", value:\"2021:0470\");\n script_xref(name:\"IAVA\", value:\"2021-A-0091-S\");\n\n script_name(english:\"RHEL 7 : .NET Core 2.1 on Red Hat Enterprise Linux (RHSA-2021:0470)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:0470 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1721\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0470\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1926918\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(674);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-runtime-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-sdk-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-sdk-2.1.5xx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-runtime\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/dotnet/1/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/dotnet/1/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/dotnet/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/dotnet/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/dotnet/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/dotnet/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/dotnet/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/dotnet/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/dotnet/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-dotnet21-2.1-24.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet21'},\n {'reference':'rh-dotnet21-dotnet-2.1.521-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet21'},\n {'reference':'rh-dotnet21-dotnet-host-2.1.25-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet21'},\n {'reference':'rh-dotnet21-dotnet-runtime-2.1-2.1.25-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet21'},\n {'reference':'rh-dotnet21-dotnet-sdk-2.1-2.1.521-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet21'},\n {'reference':'rh-dotnet21-dotnet-sdk-2.1.5xx-2.1.521-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet21'},\n {'reference':'rh-dotnet21-runtime-2.1-24.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rh-dotnet21'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-dotnet21 / rh-dotnet21-dotnet / rh-dotnet21-dotnet-host / etc');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-24T14:42:32", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0471 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-10T00:00:00", "type": "nessus", "title": "RHEL 8 : dotnet3.1 (RHSA-2021:0471)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:aspnetcore-runtime-3.1", "p-cpe:/a:redhat:enterprise_linux:aspnetcore-targeting-pack-3.1", "p-cpe:/a:redhat:enterprise_linux:dotnet-apphost-pack-3.1", "p-cpe:/a:redhat:enterprise_linux:dotnet-hostfxr-3.1", "p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-3.1", "p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-3.1", "p-cpe:/a:redhat:enterprise_linux:dotnet-targeting-pack-3.1", "p-cpe:/a:redhat:enterprise_linux:dotnet-templates-3.1"], "id": "REDHAT-RHSA-2021-0471.NASL", "href": "https://www.tenable.com/plugins/nessus/146383", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:0471. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146383);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2021-1721\");\n script_xref(name:\"RHSA\", value:\"2021:0471\");\n script_xref(name:\"IAVA\", value:\"2021-A-0091-S\");\n\n script_name(english:\"RHEL 8 : dotnet3.1 (RHSA-2021:0471)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:0471 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1721\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0471\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1926918\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(674);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:aspnetcore-runtime-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:aspnetcore-targeting-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-apphost-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-hostfxr-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-targeting-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-templates-3.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'aspnetcore-runtime-3.1-3.1.12-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'aspnetcore-targeting-pack-3.1-3.1.12-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-apphost-pack-3.1-3.1.12-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-hostfxr-3.1-3.1.12-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-runtime-3.1-3.1.12-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-3.1-3.1.112-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-targeting-pack-3.1-3.1.12-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-templates-3.1-3.1.112-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'aspnetcore-runtime-3.1-3.1.12-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'aspnetcore-targeting-pack-3.1-3.1.12-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-apphost-pack-3.1-3.1.12-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-hostfxr-3.1-3.1.12-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-runtime-3.1-3.1.12-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-3.1-3.1.112-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-targeting-pack-3.1-3.1.12-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-templates-3.1-3.1.112-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'aspnetcore-runtime-3.1-3.1.12-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'aspnetcore-targeting-pack-3.1-3.1.12-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-apphost-pack-3.1-3.1.12-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-hostfxr-3.1-3.1.12-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-runtime-3.1-3.1.12-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-3.1-3.1.112-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-targeting-pack-3.1-3.1.12-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-templates-3.1-3.1.112-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'aspnetcore-runtime-3.1 / aspnetcore-targeting-pack-3.1 / etc');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-24T14:42:33", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0474 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-10T00:00:00", "type": "nessus", "title": "RHEL 8 : dotnet (RHSA-2021:0474)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:dotnet-host-fxr-2.1", "p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-2.1", "p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-2.1", "p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-2.1.5xx"], "id": "REDHAT-RHSA-2021-0474.NASL", "href": "https://www.tenable.com/plugins/nessus/146378", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:0474. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146378);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2021-1721\");\n script_xref(name:\"RHSA\", value:\"2021:0474\");\n script_xref(name:\"IAVA\", value:\"2021-A-0091-S\");\n\n script_name(english:\"RHEL 8 : dotnet (RHSA-2021:0474)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:0474 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1721\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0474\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1926918\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(674);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-host-fxr-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-2.1.5xx\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'dotnet-host-fxr-2.1-2.1.25-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-runtime-2.1-2.1.25-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-2.1-2.1.521-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-2.1.5xx-2.1.521-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'dotnet-host-fxr-2.1-2.1.25-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-runtime-2.1-2.1.25-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-2.1-2.1.521-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-2.1.5xx-2.1.521-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'dotnet-host-fxr-2.1-2.1.25-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-runtime-2.1-2.1.25-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-2.1-2.1.521-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-2.1.5xx-2.1.521-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dotnet-host-fxr-2.1 / dotnet-runtime-2.1 / dotnet-sdk-2.1 / etc');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-24T14:42:51", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0476 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-10T00:00:00", "type": "nessus", "title": "RHEL 8 : dotnet5.0 (RHSA-2021:0476)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:aspnetcore-runtime-5.0", "p-cpe:/a:redhat:enterprise_linux:aspnetcore-targeting-pack-5.0", "p-cpe:/a:redhat:enterprise_linux:dotnet", "p-cpe:/a:redhat:enterprise_linux:dotnet-apphost-pack-5.0", "p-cpe:/a:redhat:enterprise_linux:dotnet-host", "p-cpe:/a:redhat:enterprise_linux:dotnet-hostfxr-5.0", "p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-5.0", "p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-5.0", "p-cpe:/a:redhat:enterprise_linux:dotnet-targeting-pack-5.0", "p-cpe:/a:redhat:enterprise_linux:dotnet-templates-5.0", "p-cpe:/a:redhat:enterprise_linux:netstandard-targeting-pack-2.1"], "id": "REDHAT-RHSA-2021-0476.NASL", "href": "https://www.tenable.com/plugins/nessus/146381", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:0476. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146381);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2021-1721\");\n script_xref(name:\"RHSA\", value:\"2021:0476\");\n script_xref(name:\"IAVA\", value:\"2021-A-0091-S\");\n\n script_name(english:\"RHEL 8 : dotnet5.0 (RHSA-2021:0476)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:0476 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1721\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1926918\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(674);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:aspnetcore-runtime-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:aspnetcore-targeting-pack-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-apphost-pack-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-hostfxr-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-targeting-pack-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dotnet-templates-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netstandard-targeting-pack-2.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'aspnetcore-runtime-5.0-5.0.3-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'aspnetcore-targeting-pack-5.0-5.0.3-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-5.0.103-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-apphost-pack-5.0-5.0.3-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-host-5.0.3-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-hostfxr-5.0-5.0.3-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-runtime-5.0-5.0.3-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-5.0-5.0.103-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-targeting-pack-5.0-5.0.3-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-templates-5.0-5.0.103-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netstandard-targeting-pack-2.1-5.0.103-1.el8_3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'aspnetcore-runtime-5.0-5.0.3-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'aspnetcore-targeting-pack-5.0-5.0.3-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-5.0.103-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-apphost-pack-5.0-5.0.3-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-host-5.0.3-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-hostfxr-5.0-5.0.3-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-runtime-5.0-5.0.3-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-5.0-5.0.103-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-targeting-pack-5.0-5.0.3-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-templates-5.0-5.0.103-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netstandard-targeting-pack-2.1-5.0.103-1.el8_3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'aspnetcore-runtime-5.0-5.0.3-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'aspnetcore-targeting-pack-5.0-5.0.3-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-5.0.103-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-apphost-pack-5.0-5.0.3-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-host-5.0.3-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-hostfxr-5.0-5.0.3-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-runtime-5.0-5.0.3-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-sdk-5.0-5.0.103-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-targeting-pack-5.0-5.0.3-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dotnet-templates-5.0-5.0.103-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netstandard-targeting-pack-2.1-5.0.103-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'aspnetcore-runtime-5.0 / aspnetcore-targeting-pack-5.0 / dotnet / etc');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-22T15:22:50", "description": "The Microsoft .NET Core installation on the remote host is version 2.1.x prior to 2.1.25, 3.1.x prior to 3.1.126, or 5.x prior to 5.0.3. It is, therefore, affected by a denial of service vulnerability when creating HTTPS web requests during X509 certificate chain building. An unauthenticated, remote attacker can exploit this to cause the application to stop responding.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-09T00:00:00", "type": "nessus", "title": "Security Update for .NET Core (February 2021)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-06-11T00:00:00", "cpe": ["cpe:/a:microsoft:.net_core"], "id": "SMB_NT_MS21_FEB_DOTNET_CORE.NASL", "href": "https://www.tenable.com/plugins/nessus/146328", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146328);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/11\");\n\n script_cve_id(\"CVE-2021-1721\");\n script_xref(name:\"IAVA\", value:\"2021-A-0091-S\");\n\n script_name(english:\"Security Update for .NET Core (February 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by a .NET Core denial of service (DoS) vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft .NET Core installation on the remote host is version 2.1.x prior to 2.1.25, 3.1.x prior to 3.1.126, or\n5.x prior to 5.0.3. It is, therefore, affected by a denial of service vulnerability when creating HTTPS web requests\nduring X509 certificate chain building. An unauthenticated, remote attacker can exploit this to cause the application to\nstop responding.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet-core/2.1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet-core/3.1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet/5.0\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/dotnet/announcements/issues/175\");\n # https://github.com/dotnet/core/blob/master/release-notes/2.1/2.1.25/2.1.25.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2455d834\");\n # https://github.com/dotnet/core/blob/master/release-notes/3.1/3.1.12/3.1.12.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a75f459e\");\n # https://github.com/dotnet/core/blob/master/release-notes/5.0/5.0.3/5.0.3.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?51c16faa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update .NET Core, remove vulnerable packages and refer to vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:.net_core\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_dotnet_core_win.nbin\");\n script_require_keys(\"installed_sw/.NET Core Windows\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = '.NET Core Windows';\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '2.1', 'fixed_version' : '2.1.25' },\n { 'min_version' : '3.1', 'fixed_version' : '3.1.12' },\n { 'min_version' : '5.0', 'fixed_version' : '5.0.3' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-22T15:31:01", "description": "The Microsoft .NET Core installation on the remote host is version 3.1.x prior to 3.1.16, 5.x prior to 5.0.7. It is, therefore, affected by a denial of service vulnerability. An unauthenticated, remote attacker can exploit this to cause the application to stop responding.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-06-11T00:00:00", "type": "nessus", "title": "Security Update for .NET Core (June 2021)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/a:microsoft:.net_core"], "id": "SMB_NT_MS21_JUN_DOTNET_CORE.NASL", "href": "https://www.tenable.com/plugins/nessus/150708", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150708);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\"CVE-2021-1721\");\n\n script_name(english:\"Security Update for .NET Core (June 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by a .NET Core denial of service (DoS) vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft .NET Core installation on the remote host is version 3.1.x prior to 3.1.16, 5.x prior to 5.0.7. \nIt is, therefore, affected by a denial of service vulnerability. An unauthenticated, remote attacker can exploit\nthis to cause the application to stop responding.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet-core/3.1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet/5.0\");\n # https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.16/3.1.16.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cf839a13\");\n # https://github.com/dotnet/core/blob/main/release-notes/5.0/5.0.7/5.0.7.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1c41b94c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update .NET Core, remove vulnerable packages and refer to vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:.net_core\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_dotnet_core_win.nbin\");\n script_require_keys(\"installed_sw/.NET Core Windows\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app = '.NET Core Windows';\nvar app_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nvar constraints = [\n { 'min_version' : '3.1', 'fixed_version' : '3.1.16' },\n { 'min_version' : '5.0', 'fixed_version' : '5.0.7' },\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-23T14:25:00", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-0474 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-16T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : dotnet (ELSA-2021-0474)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-03-01T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:dotnet-host-fxr-2.1", "p-cpe:/a:oracle:linux:dotnet-runtime-2.1", "p-cpe:/a:oracle:linux:dotnet-sdk-2.1", "p-cpe:/a:oracle:linux:dotnet-sdk-2.1.5xx"], "id": "ORACLELINUX_ELSA-2021-0474.NASL", "href": "https://www.tenable.com/plugins/nessus/146546", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-0474.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146546);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/01\");\n\n script_cve_id(\"CVE-2021-1721\");\n\n script_name(english:\"Oracle Linux 8 : dotnet (ELSA-2021-0474)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2021-0474 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-0474.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-host-fxr-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-runtime-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-sdk-2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-sdk-2.1.5xx\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\npkgs = [\n {'reference':'dotnet-host-fxr-2.1-2.1.25-1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-runtime-2.1-2.1.25-1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-sdk-2.1-2.1.521-1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-sdk-2.1.5xx-2.1.521-1.el8_3', 'cpu':'x86_64', 'release':'8'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dotnet-host-fxr-2.1 / dotnet-runtime-2.1 / dotnet-sdk-2.1 / etc');\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-23T14:31:33", "description": "The Microsoft .NET Core installation on the remote host is version 3.1.x prior to 3.1.16, 5.x prior to 5.0.7. It is, therefore, affected by a denial of service vulnerability. An unauthenticated, remote attacker can exploit this to cause the application to stop responding.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-06-11T00:00:00", "type": "nessus", "title": "Security Update for .NET Core (June 2021) (macOS)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/a:microsoft:.net_core"], "id": "MACOS_MS21_JUN_DOTNET_CORE.NASL", "href": "https://www.tenable.com/plugins/nessus/150707", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150707);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\"CVE-2021-1721\");\n\n script_name(english:\"Security Update for .NET Core (June 2021) (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote macOS host is affected by a .NET Core denial of service (DoS) vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft .NET Core installation on the remote host is version 3.1.x prior to 3.1.16, 5.x prior to 5.0.7. \nIt is, therefore, affected by a denial of service vulnerability. An unauthenticated, remote attacker can exploit\nthis to cause the application to stop responding.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet-core/3.1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet/5.0\");\n # https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.16/3.1.16.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cf839a13\");\n # https://github.com/dotnet/core/blob/main/release-notes/5.0/5.0.7/5.0.7.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1c41b94c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update .NET Core, remove vulnerable packages and refer to vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:.net_core\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_dotnet_core_installed.nbin\");\n script_require_keys(\"installed_sw/.NET Core MacOS\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app = '.NET Core MacOS';\nvar app_info = vcf::get_app_info(app:app);\n\nvar constraints = [\n { 'min_version' : '3.1', 'fixed_version' : '3.1.16' },\n { 'min_version' : '5.0', 'fixed_version' : '5.0.7' },\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-23T14:24:22", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-0476 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-11T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : dotnet5.0 (ELSA-2021-0476)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-03-01T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:aspnetcore-runtime-5.0", "p-cpe:/a:oracle:linux:aspnetcore-targeting-pack-5.0", "p-cpe:/a:oracle:linux:dotnet", "p-cpe:/a:oracle:linux:dotnet-apphost-pack-5.0", "p-cpe:/a:oracle:linux:dotnet-host", "p-cpe:/a:oracle:linux:dotnet-hostfxr-5.0", "p-cpe:/a:oracle:linux:dotnet-runtime-5.0", "p-cpe:/a:oracle:linux:dotnet-sdk-5.0", "p-cpe:/a:oracle:linux:dotnet-targeting-pack-5.0", "p-cpe:/a:oracle:linux:dotnet-templates-5.0", "p-cpe:/a:oracle:linux:netstandard-targeting-pack-2.1"], "id": "ORACLELINUX_ELSA-2021-0476.NASL", "href": "https://www.tenable.com/plugins/nessus/146441", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-0476.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146441);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/01\");\n\n script_cve_id(\"CVE-2021-1721\");\n\n script_name(english:\"Oracle Linux 8 : dotnet5.0 (ELSA-2021-0476)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2021-0476 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-0476.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:aspnetcore-runtime-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:aspnetcore-targeting-pack-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-apphost-pack-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-hostfxr-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-runtime-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-sdk-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-targeting-pack-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-templates-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:netstandard-targeting-pack-2.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\npkgs = [\n {'reference':'aspnetcore-runtime-5.0-5.0.3-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'aspnetcore-targeting-pack-5.0-5.0.3-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-5.0.103-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-apphost-pack-5.0-5.0.3-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-host-5.0.3-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-hostfxr-5.0-5.0.3-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-runtime-5.0-5.0.3-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-sdk-5.0-5.0.103-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-targeting-pack-5.0-5.0.3-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-templates-5.0-5.0.103-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'netstandard-targeting-pack-2.1-5.0.103-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'aspnetcore-runtime-5.0 / aspnetcore-targeting-pack-5.0 / dotnet / etc');\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-23T14:23:55", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-0471 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-11T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : dotnet3.1 (ELSA-2021-0471)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-03-01T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:aspnetcore-runtime-3.1", "p-cpe:/a:oracle:linux:aspnetcore-targeting-pack-3.1", "p-cpe:/a:oracle:linux:dotnet-apphost-pack-3.1", "p-cpe:/a:oracle:linux:dotnet-hostfxr-3.1", "p-cpe:/a:oracle:linux:dotnet-runtime-3.1", "p-cpe:/a:oracle:linux:dotnet-sdk-3.1", "p-cpe:/a:oracle:linux:dotnet-targeting-pack-3.1", "p-cpe:/a:oracle:linux:dotnet-templates-3.1"], "id": "ORACLELINUX_ELSA-2021-0471.NASL", "href": "https://www.tenable.com/plugins/nessus/146438", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-0471.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146438);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/01\");\n\n script_cve_id(\"CVE-2021-1721\");\n\n script_name(english:\"Oracle Linux 8 : dotnet3.1 (ELSA-2021-0471)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2021-0471 advisory.\n\n - dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-0471.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:aspnetcore-runtime-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:aspnetcore-targeting-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-apphost-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-hostfxr-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-runtime-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-sdk-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-targeting-pack-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dotnet-templates-3.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\npkgs = [\n {'reference':'aspnetcore-runtime-3.1-3.1.12-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'aspnetcore-targeting-pack-3.1-3.1.12-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-apphost-pack-3.1-3.1.12-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-hostfxr-3.1-3.1.12-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-runtime-3.1-3.1.12-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-sdk-3.1-3.1.112-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-targeting-pack-3.1-3.1.12-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'},\n {'reference':'dotnet-templates-3.1-3.1.112-1.0.1.el8_3', 'cpu':'x86_64', 'release':'8'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'aspnetcore-runtime-3.1 / aspnetcore-targeting-pack-3.1 / dotnet-apphost-pack-3.1 / etc');\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-23T14:23:58", "description": "The Microsoft .NET Core SDK installation on the remote host is version 2.1.x prior to 2.1.521, 2.1.6xx prior to 2.1.813, 3.1.x prior to 3.1.112, 3.1.2xx prior to 3.1.406, or 5.x prior to 5.0.103. It is, therefore, affected by a denial of service vulnerability when creating HTTPS web requests during X509 certificate chain building. An unauthenticated, remote attacker can exploit this to cause the application to stop responding.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-09T00:00:00", "type": "nessus", "title": "Security Update for .NET Core SDK (February 2021)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-06-11T00:00:00", "cpe": ["cpe:/a:microsoft:.net_core"], "id": "SMB_NT_MS21_FEB_DOTNET_CORE_SDK.NASL", "href": "https://www.tenable.com/plugins/nessus/146346", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146346);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/11\");\n\n script_cve_id(\"CVE-2021-1721\");\n script_xref(name:\"IAVA\", value:\"2021-A-0091-S\");\n\n script_name(english:\"Security Update for .NET Core SDK (February 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by a .NET Core SDK denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft .NET Core SDK installation on the remote host is version 2.1.x prior to 2.1.521, 2.1.6xx prior to\n2.1.813, 3.1.x prior to 3.1.112, 3.1.2xx prior to 3.1.406, or 5.x prior to 5.0.103. It is, therefore, affected by a\ndenial of service vulnerability when creating HTTPS web requests during X509 certificate chain building. An\nunauthenticated, remote attacker can exploit this to cause the application to stop responding.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet-core/2.1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet-core/3.1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet/5.0\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/dotnet/announcements/issues/175\");\n # https://github.com/dotnet/core/blob/master/release-notes/2.1/2.1.25/2.1.25.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2455d834\");\n # https://github.com/dotnet/core/blob/master/release-notes/3.1/3.1.12/3.1.12.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a75f459e\");\n # https://github.com/dotnet/core/blob/master/release-notes/5.0/5.0.3/5.0.3.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?51c16faa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update .NET Core SDK, remove vulnerable packages and refer to vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/09\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:.net_core\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_dotnet_core_sdk_win.nbin\");\n script_require_keys(\"installed_sw/.NET Core SDK Windows\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\napp = '.NET Core SDK Windows';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '2.1', 'fixed_version' : '2.1.521' },\n { 'min_version' : '2.1.600', 'fixed_version' : '2.1.813' },\n { 'min_version' : '3.1', 'fixed_version' : '3.1.112' },\n { 'min_version' : '3.1.200', 'fixed_version' : '3.1.406' },\n { 'min_version' : '5.0', 'fixed_version' : '5.0.103' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-23T14:24:41", "description": "The Microsoft ASP.NET Core installation on the remote host is version 2.1.x prior to 2.1.25, 3.1.x prior to 3.1.126, or 5.x prior to 5.0.3. It is, therefore, affected by a denial of service vulnerability when creating HTTPS web requests during X509 certificate chain building. An unauthenticated, remote attacker can exploit this to cause the application to stop responding.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-09T00:00:00", "type": "nessus", "title": "Security Update for Microsoft ASP.NET Core (February 2021)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:microsoft:asp.net_core"], "id": "SMB_NT_MS21_FEB_ASPDOTNET_CORE.NASL", "href": "https://www.tenable.com/plugins/nessus/146344", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146344);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2021-1721\");\n\n script_name(english:\"Security Update for Microsoft ASP.NET Core (February 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft ASP.NET Core installations on the remote host contain vulnerable packages.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft ASP.NET Core installation on the remote host is version 2.1.x prior to 2.1.25, 3.1.x prior to 3.1.126, or\n5.x prior to 5.0.3. It is, therefore, affected by a denial of service vulnerability when creating HTTPS web requests\nduring X509 certificate chain building. An unauthenticated, remote attacker can exploit this to cause the application to\nstop responding.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet-core/2.1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet-core/3.1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet/5.0\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/dotnet/announcements/issues/175\");\n # https://github.com/dotnet/core/blob/master/release-notes/2.1/2.1.25/2.1.25.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2455d834\");\n # https://github.com/dotnet/core/blob/master/release-notes/3.1/3.1.12/3.1.12.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a75f459e\");\n # https://github.com/dotnet/core/blob/master/release-notes/5.0/5.0.3/5.0.3.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?51c16faa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update ASP.NET Core, remove vulnerable packages and refer to vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:asp.net_core\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_asp_dotnet_core_win.nbin\");\n script_require_keys(\"installed_sw/ASP .NET Core Windows\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'ASP .NET Core Windows';\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '2.1', 'fixed_version' : '2.1.25' },\n { 'min_version' : '3.1', 'fixed_version' : '3.1.12' },\n { 'min_version' : '5.0', 'fixed_version' : '5.0.3' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:42:59", "description": "The Microsoft .NET Core runtime installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by multiple vulnerabilities:\n\n - A denial of service vulnerability exists in .NET Core when creating HTTPS web requests during X509 certificate chain building. An unauthenticated, remote attacker can exploit this to cause the application to stop responding. (CVE-2021-1721)\n\n - A remote code execution vulnerability exists in .NET Core when parsing certain types of graphics files. An unauthenticated, remote attacker can exploit this to execute arbitrary code. This vulnerability only exists on systems running on macOS or Linux. (CVE-2021-24112)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-09T00:00:00", "type": "nessus", "title": "Security Update for .NET Core (February 2021) (macOS)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112"], "modified": "2021-03-01T00:00:00", "cpe": ["cpe:/a:microsoft:.net_core"], "id": "MACOSX_MS21_FEB_DOTNET_CORE.NASL", "href": "https://www.tenable.com/plugins/nessus/146347", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146347);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/01\");\n\n script_cve_id(\"CVE-2021-1721\", \"CVE-2021-24112\");\n\n script_name(english:\"Security Update for .NET Core (February 2021) (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft .NET Core runtime installed on the remote macOS or Mac OS X host is missing a security update. It is,\ntherefore, affected by multiple vulnerabilities:\n\n - A denial of service vulnerability exists in .NET Core when creating HTTPS web requests during X509\n certificate chain building. An unauthenticated, remote attacker can exploit this to cause the application\n to stop responding. (CVE-2021-1721)\n\n - A remote code execution vulnerability exists in .NET Core when parsing certain types of graphics files. An\n unauthenticated, remote attacker can exploit this to execute arbitrary code. This vulnerability only\n exists on systems running on macOS or Linux. (CVE-2021-24112)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet-core/2.1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet-core/3.1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dotnet.microsoft.com/download/dotnet/5.0\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/dotnet/announcements/issues/175\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/dotnet/announcements/issues/176\");\n # https://github.com/dotnet/core/blob/master/release-notes/2.1/2.1.25/2.1.25.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2455d834\");\n # https://github.com/dotnet/core/blob/master/release-notes/3.1/3.1.12/3.1.12.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a75f459e\");\n # https://github.com/dotnet/core/blob/master/release-notes/5.0/5.0.3/5.0.3.md\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?51c16faa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to .NET Core Runtime version 2.1.25, 3.1.2, 5.0.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-24112\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:.net_core\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_dotnet_core_installed.nbin\");\n script_require_keys(\"installed_sw/.NET Core MacOS\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = '.NET Core MacOS';\n\napp_info = vcf::get_app_info(app:app);\n\nconstraints = [\n { 'min_version' : '2.1', 'fixed_version' : '2.1.25' },\n { 'min_version' : '3.1', 'fixed_version' : '3.1.12' },\n { 'min_version' : '5.0', 'fixed_version' : '5.0.3' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:41:38", "description": "The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-48ca39b6ad advisory.\n\n - .NET Core and Visual Studio Denial of Service Vulnerability (CVE-2021-1721)\n\n - .NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26701. (CVE-2021-24112)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-25T00:00:00", "type": "nessus", "title": "Fedora 32 : dotnet3.1 (2021-48ca39b6ad)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112", "CVE-2021-26701"], "modified": "2021-04-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:32", "p-cpe:/a:fedoraproject:fedora:dotnet3.1"], "id": "FEDORA_2021-48CA39B6AD.NASL", "href": "https://www.tenable.com/plugins/nessus/146856", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2021-48ca39b6ad\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146856);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/12\");\n\n script_cve_id(\"CVE-2021-1721\", \"CVE-2021-24112\");\n script_xref(name:\"FEDORA\", value:\"2021-48ca39b6ad\");\n\n script_name(english:\"Fedora 32 : dotnet3.1 (2021-48ca39b6ad)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2021-48ca39b6ad advisory.\n\n - .NET Core and Visual Studio Denial of Service Vulnerability (CVE-2021-1721)\n\n - .NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26701. (CVE-2021-24112)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2021-48ca39b6ad\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dotnet3.1 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-24112\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dotnet3.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Fedora' >!< release) audit(AUDIT_OS_NOT, 'Fedora');\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 32', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\npkgs = [\n {'reference':'dotnet3.1-3.1.112-1.fc32', 'release':'FC32', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dotnet3.1');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:43:56", "description": "The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-56e894d5ca advisory.\n\n - .NET Core and Visual Studio Denial of Service Vulnerability (CVE-2021-1721)\n\n - .NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26701. (CVE-2021-24112)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-25T00:00:00", "type": "nessus", "title": "Fedora 32 : dotnet5.0 (2021-56e894d5ca)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112", "CVE-2021-26701"], "modified": "2021-04-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:32", "p-cpe:/a:fedoraproject:fedora:dotnet5.0"], "id": "FEDORA_2021-56E894D5CA.NASL", "href": "https://www.tenable.com/plugins/nessus/146828", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2021-56e894d5ca\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146828);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/12\");\n\n script_cve_id(\"CVE-2021-1721\", \"CVE-2021-24112\");\n script_xref(name:\"FEDORA\", value:\"2021-56e894d5ca\");\n\n script_name(english:\"Fedora 32 : dotnet5.0 (2021-56e894d5ca)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2021-56e894d5ca advisory.\n\n - .NET Core and Visual Studio Denial of Service Vulnerability (CVE-2021-1721)\n\n - .NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26701. (CVE-2021-24112)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2021-56e894d5ca\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dotnet5.0 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-24112\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dotnet5.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Fedora' >!< release) audit(AUDIT_OS_NOT, 'Fedora');\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 32', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\npkgs = [\n {'reference':'dotnet5.0-5.0.103-1.fc32', 'release':'FC32', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dotnet5.0');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:41:38", "description": "The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-c3d7fc8949 advisory.\n\n - .NET Core and Visual Studio Denial of Service Vulnerability (CVE-2021-1721)\n\n - .NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26701. (CVE-2021-24112)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-25T00:00:00", "type": "nessus", "title": "Fedora 33 : dotnet3.1 (2021-c3d7fc8949)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112", "CVE-2021-26701"], "modified": "2021-04-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:33", "p-cpe:/a:fedoraproject:fedora:dotnet3.1"], "id": "FEDORA_2021-C3D7FC8949.NASL", "href": "https://www.tenable.com/plugins/nessus/146854", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2021-c3d7fc8949\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146854);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/12\");\n\n script_cve_id(\"CVE-2021-1721\", \"CVE-2021-24112\");\n script_xref(name:\"FEDORA\", value:\"2021-c3d7fc8949\");\n\n script_name(english:\"Fedora 33 : dotnet3.1 (2021-c3d7fc8949)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2021-c3d7fc8949 advisory.\n\n - .NET Core and Visual Studio Denial of Service Vulnerability (CVE-2021-1721)\n\n - .NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26701. (CVE-2021-24112)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2021-c3d7fc8949\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dotnet3.1 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-24112\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dotnet3.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Fedora' >!< release) audit(AUDIT_OS_NOT, 'Fedora');\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^33([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 33', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\npkgs = [\n {'reference':'dotnet3.1-3.1.112-1.fc33', 'release':'FC33', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dotnet3.1');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:41:40", "description": "The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-b881ee9839 advisory.\n\n - .NET Core and Visual Studio Denial of Service Vulnerability (CVE-2021-1721)\n\n - .NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26701. (CVE-2021-24112)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-22T00:00:00", "type": "nessus", "title": "Fedora 33 : dotnet5.0 (2021-b881ee9839)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112", "CVE-2021-26701"], "modified": "2021-04-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:33", "p-cpe:/a:fedoraproject:fedora:dotnet5.0"], "id": "FEDORA_2021-B881EE9839.NASL", "href": "https://www.tenable.com/plugins/nessus/146691", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2021-b881ee9839\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146691);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/12\");\n\n script_cve_id(\"CVE-2021-1721\", \"CVE-2021-24112\");\n script_xref(name:\"FEDORA\", value:\"2021-b881ee9839\");\n\n script_name(english:\"Fedora 33 : dotnet5.0 (2021-b881ee9839)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2021-b881ee9839 advisory.\n\n - .NET Core and Visual Studio Denial of Service Vulnerability (CVE-2021-1721)\n\n - .NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26701. (CVE-2021-24112)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2021-b881ee9839\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dotnet5.0 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-24112\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dotnet5.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Fedora' >!< release) audit(AUDIT_OS_NOT, 'Fedora');\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^33([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 33', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\npkgs = [\n {'reference':'dotnet5.0-5.0.103-1.fc33', 'release':'FC33', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dotnet5.0');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mscve": [{"lastseen": "2022-10-03T16:28:29", "description": "Visual Studio Code Remote Code Execution Vulnerability", "edition": 1, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-02-09T08:00:00", "type": "mscve", "title": "Visual Studio Code Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1639"], "modified": "2021-02-09T08:00:00", "id": "MS:CVE-2021-1639", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1639", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-10-03T16:28:29", "description": ".NET Core and Visual Studio Denial of Service Vulnerability", "edition": 1, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-09T08:00:00", "type": "mscve", "title": ".NET Core and Visual Studio Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-02-11T08:00:00", "id": "MS:CVE-2021-1721", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1721", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T12:56:18", "description": "Visual Studio Code Remote Code Execution Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-02-25T23:15:00", "type": "cve", "title": "CVE-2021-1639", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1639"], "modified": "2021-03-03T19:23:00", "cpe": ["cpe:/a:microsoft:visual_studio_2017:15.9", "cpe:/a:microsoft:visual_studio_2019:16.8", "cpe:/a:microsoft:visual_studio_code:-"], "id": "CVE-2021-1639", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1639", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:visual_studio_2019:16.8:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:visual_studio_code:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:58:00", "description": ".NET Core and Visual Studio Denial of Service Vulnerability", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-25T23:15:00", "type": "cve", "title": "CVE-2021-1721", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-08-16T13:06:00", "cpe": ["cpe:/a:microsoft:.net_core:2.1.24", "cpe:/a:microsoft:powershell_core:7.1", "cpe:/a:microsoft:visual_studio_2019:16.8", "cpe:/a:microsoft:.net:5.0.2", "cpe:/a:microsoft:.net_core:3.1.11", "cpe:/a:microsoft:visual_studio_2017:15.9", "cpe:/a:microsoft:powershell_core:7.0"], "id": "CVE-2021-1721", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1721", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:powershell_core:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:visual_studio_2019:16.8:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_core:2.1.24:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_core:3.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:powershell_core:7.0:*:*:*:*:*:*:*"]}], "redhat": [{"lastseen": "2021-10-19T20:35:37", "description": ".NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 2.1.521 and .NET Core Runtime 2.1.25.\n\nSecurity Fix(es):\n\n* dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-02-10T16:21:42", "type": "redhat", "title": "(RHSA-2021:0470) Important: .NET Core 2.1 on Red Hat Enterprise Linux security and bugfix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-02-10T16:35:55", "id": "RHSA-2021:0470", "href": "https://access.redhat.com/errata/RHSA-2021:0470", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-19T20:38:21", "description": ".NET is a managed-software framework. It implements a subset of the .NET\nframework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.103 and .NET Runtime 5.0.3.\n\nSecurity Fix(es):\n\n* dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-02-10T17:20:28", "type": "redhat", "title": "(RHSA-2021:0476) Important: dotnet5.0 security and bugfix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-02-10T17:26:33", "id": "RHSA-2021:0476", "href": "https://access.redhat.com/errata/RHSA-2021:0476", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-19T20:39:23", "description": ".NET is a managed-software framework. It implements a subset of the .NET\nframework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.103 and .NET Runtime 5.0.3.\n\nSecurity Fix(es):\n\n* dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-02-10T16:27:18", "type": "redhat", "title": "(RHSA-2021:0473) Important: .NET 5.0 on Red Hat Enterprise Linux security and bugfix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-02-10T16:47:28", "id": "RHSA-2021:0473", "href": "https://access.redhat.com/errata/RHSA-2021:0473", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-19T20:35:46", "description": ".NET Core is a managed-software framework. It implements a subset of the .NET\nframework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.112 and .NET Core Runtime 3.1.12.\n\nSecurity Fix(es):\n\n* dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-02-10T16:22:34", "type": "redhat", "title": "(RHSA-2021:0471) Important: dotnet3.1 security and bugfix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-02-10T16:27:44", "id": "RHSA-2021:0471", "href": "https://access.redhat.com/errata/RHSA-2021:0471", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-19T20:35:54", "description": ".NET Core is a managed-software framework. It implements a subset of the .NET\nframework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 2.1.521 and .NET Core Runtime 2.1.25.\n\nSecurity Fix(es):\n\n* dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-02-10T17:12:40", "type": "redhat", "title": "(RHSA-2021:0474) Important: dotnet security and bugfix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-02-10T17:18:54", "id": "RHSA-2021:0474", "href": "https://access.redhat.com/errata/RHSA-2021:0474", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-19T20:38:25", "description": ".NET Core is a managed-software framework. It implements a subset of the .NET\nframework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.112 and .NET Core Runtime 3.1.12.\n\nSecurity Fix(es):\n\n* dotnet: certificate chain building recursion Denial of Service (CVE-2021-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-02-10T16:23:26", "type": "redhat", "title": "(RHSA-2021:0472) Important: .NET Core 3.1 on Red Hat Enterprise Linux security and bugfix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-02-10T16:41:37", "id": "RHSA-2021:0472", "href": "https://access.redhat.com/errata/RHSA-2021:0472", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:54", "description": "[5.0.103-1.0.1]\n- Add support for new Oracle release\n[5.0.103-1]\n- Update to .NET SDK 5.0.103 and Runtime 5.0.3\n- Resolves: RHBZ#1924765", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-02-11T00:00:00", "type": "oraclelinux", "title": "dotnet5.0 security and bugfix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-02-11T00:00:00", "id": "ELSA-2021-0476", "href": "http://linux.oracle.com/errata/ELSA-2021-0476.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:24:51", "description": "[3.1.112-1.0.1]\n- Update patch to support 8.3 (alexander.burmashev@oracle.com)\n- support OL release scheme (alexander.burmashev@oracle.com)\n[3.1.112-1]\n- Update to .NET Core SDK 3.1.112 and Runtime 3.1.12\n- Resolves: RHBZ#1923377", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-02-11T00:00:00", "type": "oraclelinux", "title": "dotnet3.1 security and bugfix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-02-11T00:00:00", "id": "ELSA-2021-0471", "href": "http://linux.oracle.com/errata/ELSA-2021-0471.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:24:59", "description": "[2.1.521-1]\n- Update to .NET Core SDK 2.1.521 and Runtime 2.1.25\n- Resolves: RHBZ#1922272", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-02-16T00:00:00", "type": "oraclelinux", "title": "dotnet security and bugfix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2021-02-16T00:00:00", "id": "ELSA-2021-0474", "href": "http://linux.oracle.com/errata/ELSA-2021-0474.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "github": [{"lastseen": "2023-01-30T05:06:57", "description": ".NET Core and Visual Studio Denial of Service Vulnerability due to a vulnerability which exists when creating HTTPS web request during X509 certificate chain building.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-24T17:43:10", "type": "github", "title": "Denial of service in .NET core", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2023-01-30T05:01:26", "id": "GHSA-3GP9-H8HW-PXPW", "href": "https://github.com/advisories/GHSA-3gp9-h8hw-pxpw", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2023-02-01T08:11:43", "description": "A flaw was found in dotnet. A recursion error when building X.509 certificate chains can lead to a stack overflow which could crash the system. The highest threat from this vulnerability is to system availability.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-02-10T21:36:49", "type": "redhatcve", "title": "CVE-2021-1721", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2023-02-01T05:51:19", "id": "RH:CVE-2021-1721", "href": "https://access.redhat.com/security/cve/cve-2021-1721", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "osv": [{"lastseen": "2023-02-06T05:21:50", "description": ".NET Core and Visual Studio Denial of Service Vulnerability due to a vulnerability which exists when creating HTTPS web request during X509 certificate chain building.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-24T17:43:10", "type": "osv", "title": "Denial of service in .NET core", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721"], "modified": "2023-02-06T05:21:47", "id": "OSV:GHSA-3GP9-H8HW-PXPW", "href": "https://osv.dev/vulnerability/GHSA-3gp9-h8hw-pxpw", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "kaspersky": [{"lastseen": "2023-02-08T15:48:11", "description": "### *Detect date*:\n02/09/2021\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service.\n\n### *Affected products*:\n.NET Core 2.1 \nMicrosoft Visual Studio 2019 version 16.8 \nVisual Studio Code \nMicrosoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6) \nMicrosoft .NET Framework 4.7.2 \n.NET Core 3.1 \nMicrosoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) \nVisual Studio Code - npm-script Extension \nMicrosoft .NET Framework 4.6 \n.NET 5.0 \nPsExec \nPackage Manager Configurations \nMicrosoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) \nMicrosoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 \nMicrosoft .NET Framework 4.8 \nMicrosoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-26701](<https://nvd.nist.gov/vuln/detail/CVE-2021-26701>) \n[CVE-2021-1639](<https://nvd.nist.gov/vuln/detail/CVE-2021-1639>) \n[CVE-2021-1733](<https://nvd.nist.gov/vuln/detail/CVE-2021-1733>) \n[CVE-2021-1721](<https://nvd.nist.gov/vuln/detail/CVE-2021-1721>) \n[CVE-2021-24105](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-24105>) \n[CVE-2021-26700](<https://nvd.nist.gov/vuln/detail/CVE-2021-26700>) \n[CVE-2021-24111](<https://nvd.nist.gov/vuln/detail/CVE-2021-24111>) \n[CVE-2021-24112](<https://nvd.nist.gov/vuln/detail/CVE-2021-24112>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft .NET Framework](<https://threats.kaspersky.com/en/product/Microsoft-.NET-Framework/>)\n\n### *CVE-IDS*:\n[CVE-2021-26701](<https://vulners.com/cve/CVE-2021-26701>)7.5Critical \n[CVE-2021-1639](<https://vulners.com/cve/CVE-2021-1639>)6.8High \n[CVE-2021-1733](<https://vulners.com/cve/CVE-2021-1733>)4.6Warning \n[CVE-2021-1721](<https://vulners.com/cve/CVE-2021-1721>)4.3Warning \n[CVE-2021-24105](<https://vulners.com/cve/CVE-2021-24105>)6.8High \n[CVE-2021-26700](<https://vulners.com/cve/CVE-2021-26700>)6.8High \n[CVE-2021-24111](<https://vulners.com/cve/CVE-2021-24111>)5.0Critical \n[CVE-2021-24112](<https://vulners.com/cve/CVE-2021-24112>)7.5Critical\n\n### *KB list*:\n[4601354](<http://support.microsoft.com/kb/4601354>) \n[4601318](<http://support.microsoft.com/kb/4601318>) \n[4602960](<http://support.microsoft.com/kb/4602960>) \n[4601056](<http://support.microsoft.com/kb/4601056>) \n[4603002](<http://support.microsoft.com/kb/4603002>) \n[4601050](<http://support.microsoft.com/kb/4601050>) \n[4603004](<http://support.microsoft.com/kb/4603004>) \n[4602961](<http://support.microsoft.com/kb/4602961>) \n[4602959](<http://support.microsoft.com/kb/4602959>) \n[4603003](<http://support.microsoft.com/kb/4603003>) \n[4601051](<http://support.microsoft.com/kb/4601051>) \n[4601887](<http://support.microsoft.com/kb/4601887>) \n[4601054](<http://support.microsoft.com/kb/4601054>) \n[4602958](<http://support.microsoft.com/kb/4602958>) \n[4603005](<http://support.microsoft.com/kb/4603005>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-09T00:00:00", "type": "kaspersky", "title": "KLA12073 Multiple vulnerabilities in Microsoft Developer Tools", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1639", "CVE-2021-1721", "CVE-2021-1733", "CVE-2021-24105", "CVE-2021-24111", "CVE-2021-24112", "CVE-2021-26700", "CVE-2021-26701"], "modified": "2021-02-16T00:00:00", "id": "KLA12073", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12073/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2021-07-28T14:46:52", "description": ".NET Core is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET Core contains a runtime conforming to .NET Standards a set of framework libraries, an SDK containing compilers and a 'dotnet' application to drive everything. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-24T20:47:20", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: dotnet3.1-3.1.112-1.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112"], "modified": "2021-02-24T20:47:20", "id": "FEDORA:AD6B030BBFB2", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HRIAFWQWRRHHKOJXL2HJCCPEAI6SYWSU/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:52", "description": ".NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework libraries, an SDK containing compilers and a 'dotnet' application to drive everything. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-21T01:20:39", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: dotnet5.0-5.0.103-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112"], "modified": "2021-02-21T01:20:39", "id": "FEDORA:72CCD30934AA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UO4OKPDZF6YHH6UJMNCUTQM3LXKI7JDC/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:52", "description": ".NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework libraries, an SDK containing compilers and a 'dotnet' application to drive everything. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-24T20:47:25", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: dotnet5.0-5.0.103-1.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112"], "modified": "2021-02-24T20:47:25", "id": "FEDORA:37DD030946F6", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WJXPR4EESXJRYOECNCCJA4W2T5D6ZAK2/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:52", "description": ".NET Core is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET Core contains a runtime conforming to .NET Standards a set of framework libraries, an SDK containing compilers and a 'dotnet' application to drive everything. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-24T20:43:16", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: dotnet3.1-3.1.112-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112"], "modified": "2021-02-24T20:43:16", "id": "FEDORA:66FF230BA179", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MEVCHYQB2VPO42YWCQNBECENL45FECPD/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "altlinux": [{"lastseen": "2022-06-10T03:04:59", "description": "3.1.12-alt1 built March 1, 2021 Vitaly Lipatov in task [#266709](<https://git.altlinux.org/tasks/266709/>) \n--- \nFeb. 17, 2021 Vitaly Lipatov \n \n \n - .NET Core 3.1.12\n - CVE-2021-1721: .NET Core Denial of Service Vulnerability\n - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-01T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 9 package dotnet-corefx-3.1 version 3.1.12-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112"], "modified": "2021-03-01T00:00:00", "id": "A79ABD32554168DE45BD55276F34348A", "href": "https://packages.altlinux.org/en/p9/srpms/dotnet-corefx-3.1/2635321796807967218", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-10T03:05:05", "description": "3.1.12-alt1 built March 1, 2021 Vitaly Lipatov in task [#266709](<https://git.altlinux.org/tasks/266709/>) \n--- \nFeb. 17, 2021 Vitaly Lipatov \n \n \n - new version (3.1.12) with rpmgs script\n - CVE-2021-1721: .NET Core Denial of Service Vulnerability\n - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-01T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 9 package dotnet-bootstrap-3.1 version 3.1.12-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112"], "modified": "2021-03-01T00:00:00", "id": "4F76504CCAFE6E562C9FB2636660CFA5", "href": "https://packages.altlinux.org/en/p9/srpms/dotnet-bootstrap-3.1/2635281107637457289", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-10T03:05:17", "description": "2.1.25-alt1 built March 1, 2021 Vitaly Lipatov in task [#266708](<https://git.altlinux.org/tasks/266708/>) \n--- \nFeb. 17, 2021 Vitaly Lipatov \n \n \n - new version (2.1.25) with rpmgs script\n - CVE-2021-1721: .NET Core Denial of Service Vulnerability\n - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-01T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 9 package dotnet-coreclr-2.1 version 2.1.25-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112"], "modified": "2021-03-01T00:00:00", "id": "BAFE231A4347F94C33202F64C1366389", "href": "https://packages.altlinux.org/en/p9/srpms/dotnet-coreclr-2.1/2635255870558856667", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-10T03:05:19", "description": "2.1.25-alt1 built March 1, 2021 Vitaly Lipatov in task [#266708](<https://git.altlinux.org/tasks/266708/>) \n--- \nFeb. 17, 2021 Vitaly Lipatov \n \n \n - new version (2.1.25) with rpmgs script\n - CVE-2021-1721: .NET Core Denial of Service Vulnerability\n - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-01T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 9 package dotnet-bootstrap-2.1 version 2.1.25-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112"], "modified": "2021-03-01T00:00:00", "id": "DDFD2EC40E6FE92AFF08650EE35A70ED", "href": "https://packages.altlinux.org/en/p9/srpms/dotnet-bootstrap-2.1/2635231920387586960", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-10T03:04:56", "description": "3.1.12-alt1 built March 1, 2021 Vitaly Lipatov in task [#266709](<https://git.altlinux.org/tasks/266709/>) \n--- \nFeb. 17, 2021 Vitaly Lipatov \n \n \n - ASP.NET Core 3.1.12\n - CVE-2021-1721: .NET Core Denial of Service Vulnerability\n - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-01T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 9 package dotnet-aspnetcore-3.1 version 3.1.12-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-24112"], "modified": "2021-03-01T00:00:00", "id": "6472C55C9EA040D617C019CD79C3E2CB", "href": "https://packages.altlinux.org/en/p9/srpms/dotnet-aspnetcore-3.1/2635321930802432707", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2021-07-28T14:33:55", "description": "Arch Linux Security Advisory ASA-202103-17\n==========================================\n\nSeverity: High\nDate : 2021-03-25\nCVE-ID : CVE-2021-1721 CVE-2021-1723 CVE-2021-24112\nPackage : dotnet-sdk\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1449\n\nSummary\n=======\n\nThe package dotnet-sdk before version 5.0.3.sdk103-2 is vulnerable to\nmultiple issues including arbitrary code execution and denial of\nservice.\n\nResolution\n==========\n\nUpgrade to 5.0.3.sdk103-2.\n\n# pacman -Syu \"dotnet-sdk>=5.0.3.sdk103-2\"\n\nThe problems have been fixed upstream in version 5.0.3.sdk103.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-1721 (denial of service)\n\nA security issue was found in dotnet-core before version 3.1.12. A\ndenial-of-service vulnerability exists when creating HTTPS web request\nduring X509 certificate chain building.\n\n- CVE-2021-1723 (denial of service)\n\nA flaw was found in dotnet-core before version 3.1.11. Running\ncallbacks outside of locks results in Krestel deadlock using HTTP2.\n\n- CVE-2021-24112 (arbitrary code execution)\n\nA remote code execution vulnerability exists in dotnet-core before\nversion 3.1.12 when parsing certain types of graphics files. This\nvulnerability only exists on systems running on MacOS or Linux.\n\nImpact\n======\n\nA malicious client can send crafted HTTP requests and crash the server,\nor execute arbitrary code by reading a crafted file.\n\nReferences\n==========\n\nhttps://bugs.archlinux.org/task/69317\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1721\nhttps://github.com/dotnet/announcements/issues/175\nhttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1723\nhttps://github.com/dotnet/announcements/issues/170\nhttps://github.com/dotnet/aspnetcore/commit/20ad9fa5dcde635c13c6c83806c4701d5b7ec21e\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24112\nhttps://github.com/dotnet/announcements/issues/176\nhttps://security.archlinux.org/CVE-2021-1721\nhttps://security.archlinux.org/CVE-2021-1723\nhttps://security.archlinux.org/CVE-2021-24112", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-25T00:00:00", "type": "archlinux", "title": "[ASA-202103-17] dotnet-sdk: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-1723", "CVE-2021-24112"], "modified": "2021-03-25T00:00:00", "id": "ASA-202103-17", "href": "https://security.archlinux.org/ASA-202103-17", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:33:55", "description": "Arch Linux Security Advisory ASA-202103-16\n==========================================\n\nSeverity: High\nDate : 2021-03-25\nCVE-ID : CVE-2021-1721 CVE-2021-1723 CVE-2021-24112\nPackage : dotnet-runtime\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1449\n\nSummary\n=======\n\nThe package dotnet-runtime before version 5.0.3.sdk103-2 is vulnerable\nto multiple issues including arbitrary code execution and denial of\nservice.\n\nResolution\n==========\n\nUpgrade to 5.0.3.sdk103-2.\n\n# pacman -Syu \"dotnet-runtime>=5.0.3.sdk103-2\"\n\nThe problems have been fixed upstream in version 5.0.3.sdk103.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-1721 (denial of service)\n\nA security issue was found in dotnet-core before version 3.1.12. A\ndenial-of-service vulnerability exists when creating HTTPS web request\nduring X509 certificate chain building.\n\n- CVE-2021-1723 (denial of service)\n\nA flaw was found in dotnet-core before version 3.1.11. Running\ncallbacks outside of locks results in Krestel deadlock using HTTP2.\n\n- CVE-2021-24112 (arbitrary code execution)\n\nA remote code execution vulnerability exists in dotnet-core before\nversion 3.1.12 when parsing certain types of graphics files. This\nvulnerability only exists on systems running on MacOS or Linux.\n\nImpact\n======\n\nA malicious client can send crafted HTTP requests and crash the server,\nor execute arbitrary code by reading a crafted file.\n\nReferences\n==========\n\nhttps://bugs.archlinux.org/task/69317\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1721\nhttps://github.com/dotnet/announcements/issues/175\nhttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1723\nhttps://github.com/dotnet/announcements/issues/170\nhttps://github.com/dotnet/aspnetcore/commit/20ad9fa5dcde635c13c6c83806c4701d5b7ec21e\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24112\nhttps://github.com/dotnet/announcements/issues/176\nhttps://security.archlinux.org/CVE-2021-1721\nhttps://security.archlinux.org/CVE-2021-1723\nhttps://security.archlinux.org/CVE-2021-24112", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-25T00:00:00", "type": "archlinux", "title": "[ASA-202103-16] dotnet-runtime: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-1723", "CVE-2021-24112"], "modified": "2021-03-25T00:00:00", "id": "ASA-202103-16", "href": "https://security.archlinux.org/ASA-202103-16", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "malwarebytes": [{"lastseen": "2021-02-13T13:09:08", "description": "Traditionally the second Tuesday of the month is Microsoft\u2019s \u201cpatch Tuesday\u201d. This is the day when they roll out all the available patches for their software, and their operating systems in particular.\n\nSince there were no less than 56 patches in this month\u2019s issue we will focus on the most important ones. Not that 56 is an awful lot. There were [more than 80 in January](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/01/microsoft-issues-83-patches-one-for-actively-exploited-vulnerability/>).\n\n### Microsoft CVEs by importance\n\nPublicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). The most notable CVE\u2019s in this update were:\n\n * [CVE-2021-1732](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1732>) Windows Win32k elevation of privilege (EoP) vulnerability. This one we listed first as it\u2019s actively exploited in the wild. With a EoP vulnerability attackers can raise their authorization permissions beyond those initially granted. For example, if an attacker gains access to a system but only has read-only permissions they can use an EoP vulnerability to raise them to \u201cread and write\u201d, giving them an option to make unwanted changes.\n * [CVE-2021-26701](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26701>) a .NET Core Remote Code Execution (RCE) vulnerability. A remote code execution (RCE) attack happens when a threat actor illegally accesses and manipulates a computer or server without authorization from its owner. This is the only critical bug Microsoft listed as publicly known.\n * [CVE-2021-24074](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24074>) an IPv4 security vulnerability concerning source routing behavior. Microsoft adds to say: IPv4 Source routing is considered insecure and is blocked by default in Windows; however, a system will process the request and return an ICMP message denying the request.\n * [CVE-2021-24094](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24094>) an IPv6 security vulnerability concerning the reassembly limit and related to the previous one. The reassembly limit controls the IP fragmentation, which is an Internet Protocol (IP) process that breaks packets into smaller fragments, so that the resulting pieces can pass through a link with a smaller maximum transmission unit (MTU) than the original packet size. The fragments are reassembled by the receiving host. Apparently an attacker could construe packets leading to a situation where a large number of fragments could lead to code execution.\n * [CVE-2021-1721](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1721>) a .NET Core and Visual Studio Denial of Service vulnerability. A Denial of Service attack is focused on making a resource (site, application, server) unavailable for the purpose it was designed.\n * [CVE-2021-1722](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1722>) and [CVE-2021-24077](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24077>) are both Windows Fax Service RCE problems. It's important to remember that even if you don\u2019t use \u201cWindows Fax and Scan\u201d, the Windows Fax Services is enabled by default.\n * [CVE-2021-1733](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1733>) is for Sysinternals\u2019 PsExec Elevation of Privilege vulnerability. While this one is listed as not likely to be exploited, the tool itself is worth keeping an eye on, because it's so popular with cybercriminals. They like it because, as a legitimate administration tool, it isn't normally detected as malicious software by default.\n\nIf you are all about prioritizing your updates, these are the ones that we recommend doing first. Everyone else is advised to install the updates at their earliest convenience.\n\nOne other notable thing is the default enabling of the Domain Controller enforcement mode. This was done to counter the effects of the ZeroLogon vulnerability which is being exploited in the wild. We already covered the full story of [ZeroLogon](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/01/the-story-of-zerologon/>) where this change was announced.\n\n### Adobe Reader for a change\n\nAnd while you are about to start your update cycles, you may want to have a look at this one from Adobe. Because this one is already actively being exploited as well. Where Adobe was notoriously famous for the bugs in their Flash Player, which has now reached [end-of-life](<https://blog.malwarebytes.com/awareness/2021/01/adobe-flash-player-reaches-end-of-life/>), occasionally a vulnerability in their Reader attracts some attention.\n\n[CVE-2021-21017](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21017>) is a critical heap-based buffer overflow flaw. Heap is the name for a region of a process\u2019 memory which is used to store dynamic variables. A buffer overflow is a type of software vulnerability that exists when an area of memory within a software application reaches its address boundary and writes into an adjacent memory region. In software exploit code, two common areas that are targeted for overflows are the stack and the heap.\n\nSo, by creating a specially crafted input, attackers could use this vulnerability to write code into a memory location where they normally wouldn\u2019t have access. In their advisory Adobe states that it has received a report that CVE-2021-21017 has been exploited in the wild in limited attacks targeting Adobe Reader users on Windows.\n\nBoth Adobe Acrobat and Adobe Reader will automatically detect if a new version of the software is available. The program will check for a new version when you launch either Acrobat or Reader as an application and will prompt you to install a new version when it's available. IT administrators can control the update settings by using the [Adobe Customization Wizard](<https://www.adobe.com/nl/devnet-docs/acrobatetk/tools/Wizard/WizardDC/index.html>).\n\nStay safe, everyone!\n\nThe post [Big Patch Tuesday: Microsoft and Adobe fix in-the-wild exploits](<https://blog.malwarebytes.com/malwarebytes-news/2021/02/big-patch-tuesday-microsoft-and-adobe-fix-in-the-wild-exploits/>) appeared first on [Malwarebytes Labs](<https://blog.malwarebytes.com>).", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-10T17:26:33", "type": "malwarebytes", "title": "Big Patch Tuesday: Microsoft and Adobe fix in-the-wild exploits", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1721", "CVE-2021-1722", "CVE-2021-1732", "CVE-2021-1733", "CVE-2021-21017", "CVE-2021-24074", "CVE-2021-24077", "CVE-2021-24094", "CVE-2021-26701"], "modified": "2021-02-10T17:26:33", "id": "MALWAREBYTES:3C358DDA439A247A9677866AFE8FA961", "href": "https://blog.malwarebytes.com/malwarebytes-news/2021/02/big-patch-tuesday-microsoft-and-adobe-fix-in-the-wild-exploits/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "threatpost": [{"lastseen": "2021-02-09T22:45:30", "description": "Microsoft has addressed nine critical-severity cybersecurity bugs in February\u2019s Patch Tuesday updates, plus an important-rated vulnerability that is being actively exploited in the wild.\n\nSix of the security holes \u2013 including one of the critical bugs \u2013 were already publicly disclosed.\n\n[![](https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/subscribe2.jpg)](<https://threatpost.com/newsletter-sign/>)\n\nOverall, the computing giant has released patches for 56 CVEs covering Microsoft Windows components, the .NET Framework, Azure IoT, Azure Kubernetes Service, Microsoft Edge for Android, Exchange Server, Office and Office Services and Web Apps, Skype for Business and Lync, and Windows Defender.\n\n## **Actively Exploited Security Bug in Windows Kernel**\n\nThe security bug tracked as [CVE-2021-1732](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1732>)** **is being actively exploited, according to Microsoft\u2019s advisory. It carries a vulnerability-severity rating of 7.8 on the CVSS scale, making it important in severity \u2013 however, researchers said it deserves attention above some of the critical bugs in terms of patching priority.\n\nIt exists in the Windows Win32k operating system kernel and is an elevation-of-privilege (EoP) vulnerability. It would allow a logged-on user to execute code of their choosing with higher privileges, by running a specially crafted application. If successful, attackers could execute code in the context of the kernel and gain SYSTEM privileges, essentially giving the attacker free rein to do whatever they wanted on the compromised machine.\n\n\u201cThe vulnerability affects Windows 10 and corresponding server editions of the Windows OS,\u201d said Chris Goettl, senior director of product management and security at Ivanti. \u201cThis is a prime example of why risk-based prioritization is so important. If you base your prioritization off of vendor severity and focus on \u2018critical\u2019 you could have missed this vulnerability in your prioritization. This vulnerability should put Windows 10 and Server 2016 and later editions into your priority bucket for remediation this month.\u201d\n\n## **Critical Microsoft Bugs for February Patch Tuesday**\n\nNone of the critical bugs rate more than an 8.8 (out of 10) on the CVSS scale, but all allow for remote code execution (RCE) and many should take top priority, according to security researchers.\n\n * ### Publicly Known .NET Core/Visual Studio Bug\n\nFor instance, the bug tracked as [CVE-2021-26701](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26701>) exists in .NET Core and Visual Studio \u2013 it\u2019s the only critical-rated bug to be listed as publicly known.\n\n\u201cWithout more information from Microsoft, that\u2019s about all we know about it,\u201d said Dustin Childs, of Trend Micro\u2019s Zero Day Initiative, in [an analysis](<https://www.zerodayinitiative.com/blog/2021/2/9/the-february-2022-security-update-review>) released Tuesday. \u201cBased on the CVSS severity scale, this could allow remote, unauthenticated attackers to execute arbitrary code on an affected system. Regardless, if you rely on the .NET Framework or .NET Core, make sure you test and deploy this one quickly.\u201d\n\n * ### **Windows Fax Bugs**\n\nOther critical bugs should be on researchers\u2019 radars. The bugs tracked as [CVE-2021-1722](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1722>) and [CVE-2021-24077](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24077>) meanwhile are both Windows Fax Service RCE problems.\n\n\u201cWindows Fax Service specifies settings for faxes, including how they are sent, received, viewed and printed,\u201d said Eric Feldman, senior product marketing manager at Automox. \u201cThe Windows Fax Service is used by the Windows Fax and Scan application included in all versions of Microsoft Windows 7, Windows 8 and Windows 10 and some earlier versions.\u201d\n\nAn attacker who successfully exploited either vulnerability could take control of an affected system, and then be able to install programs; view, change or delete data; or create new accounts with full user rights.\n\n\u201cUsers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights,\u201d Feldman said. \u201cEven if you do not use Windows Fax and Scan, the Windows Fax Services is enabled by default.\u201d\n\n * ### **Critical TCP/IP Bugs**\n\n[CVE-2021-24074](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24074>) and [CVE-2021-24094](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24094>) are both Windows TCP/IP RCE vulnerabilities. The former is found in the way Windows handles iPv4 source routing; the latter is found in the way Windows handles iPv6 packet reassembly.\n\n\u201cIPv4 source routing\u2026should be disabled by default,\u201d said Childs. \u201cYou can also block source routing at firewalls or other perimeter devices. The IPv6 bug involves packet fragmentation where a large number of fragments could lead to code execution.\u201d\n\nResearchers said that both these patches should be prioritized.\n\n\u201cBecause these affect the network stack, require zero interaction from a user and can be exploited by sending malicious network traffic to a device, it\u2019s only a matter of time before we see attackers leveraging these vulnerabilities to carry out cyberattacks,\u201d Chris Hass, director of information security and research at Automox, said.\n\nKevin Breen, director of cyber threat research at Immersive Labs, said that the IPv6 security hole is an obvious target for hackers.\n\n\u201cCVE-2021-24094 would be an obvious target because it affects a network stack, which typically operates with system level permissions and could therefore gain an attacker a system shell,\u201d he said. \u201cAs an IPV6 Link local attack it would require the threat actor to already have a foothold in your network, but could ultimately lead to a high level of access on domain controllers, for example. This vulnerability would be most dangerous to those who operate a flat network. Segmentation will help with mitigation.\u201d\n\nBreen also pointed out that RCE isn\u2019t the only possible outcome of an exploit for this bug.\n\n\u201cThe release notes indicate that the exploit is \u2018complex\u2019 \u2013 which means attempted attacks may serve to cause systems to crash, giving it the potential to be used in a denial-of-service attack,\u201d he said.\n\n * ### **Flaw in Windows Codec Pack**\n\nWindows Camera Codec Pack is home to yet another critical RCE bug ([CVE-2021-24091](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24091>)). If successfully exploited, an attacker could run arbitrary code in the context of the current user.\n\n\u201cIf the current user is logged on with admin privileges, the attacker could gain control of the affected system,\u201d said Justin Knapp, senior product marketing manager at Automox. \u201cThis could enable an attacker to install programs; view, change, or delete data; or create new accounts with full user rights. Exploitation of the vulnerability requires the user to open a specially crafted file with an affected version of the codec pack. While there\u2019s no way to force a user to open the file, bad actors could manipulate a user through an email or web-based attack vector where the user is effectively convinced or enticed into opening the malicious file.\u201d\n\n * ### **Windows DNS Problems**\n\nAnd Windows Domain Name System (DNS) servers, when they fail to properly handle requests, are also open to a critical RCE bug ([CVE-2021-24078](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24078>)) that could allow an attacker to run arbitrary code in the context of the Local System Account.\n\n\u201cOnly Windows servers that are configured as DNS servers are at risk of having this vulnerability exploited,\u201d Knapp said. \u201cTo exploit the vulnerability, an unauthenticated attacker could send malicious requests to the Windows DNS server. Given the low level of attack complexity and \u2018exploitation more likely\u2019 label assigned, this is a vulnerability that should be addressed immediately.\u201d\n\n * ### **Windows Print Spooler**\n\nAlso of note, _[CVE-2021-24088](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24088>)_ affects the Windows Local Spooler, which is an important component within the Windows operating system that stores print jobs in memory until the printer is ready to accept them.\n\nIt\u2019s a bug that \u201ccould be a big concern,\u201d according to Allan Liska, senior security architect at Recorded Future.\n\n\u201cThis vulnerability impacts Windows 7 to 10 and Windows Server 2008 to 2019,\u201d he said. \u201cWindows Print Spooler vulnerabilities have been widely exploited in the wild going back to the days of Stuxnet. Just last year CVE-2020-0986 was seen by Kaspersky being [widely exploited in the wild.](<https://threatpost.com/windows-zero-day-circulating-faulty-fix/162610/>)\u201d\n\n * ### **Other Critical February 2021 Microsoft Bugs**\n\nAnd finally, .NET Core for Linux is also at risk for RCE ([CVE-2021-24112](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24112>)); and [CVE-2021-24093](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24093>) is a critical RCE vulnerability in the Windows graphic component. Details are scant for both, but of the latter, Breen said, \u201cThis is the kind of vulnerability built into exploit kits and triggered by low level phishing campaigns targeting users en masse.\u201d\n\nAnd, a critical bug that would allow RCE exists in the Microsoft Windows Codecs Library ([CVE-2021-24081](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24081>)). Details are sparse, but Microsoft said that the difficulty required for exploitation is considered to be low. However, end-user interaction is required for successful exploitation.\n\n### **Publicly Disclosed Bugs of Note**\n\nOutside of the critical issues, [CVE-2021-1733](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1733>) is a high-severity EoP vulnerability discovered to be impacting Sysinternals PsExec utility that deserves a look. It\u2019s listed as being publicly disclosed.\n\n\u201cPsExec which has been popular in the past for use in remote administration tasks such as patching remote systems, has also had a fair share of scrutiny due the utility\u2019s weaponization by criminals in malware,\u201d Nicholas Colyer, senior product marketing manager at Automox, said via email. \u201cProof-of-concept code has not been independently verified but it is notable that in January 2021, Microsoft released a patch to resolve a remote code-execution vulnerability for the same utility, indicating that it is getting attention. Robust endpoint management is necessary for any organization\u2019s continued success and it is advisable to consider alternatives in the modern era of software-as-a-service.\u201d\n\nThe other publicly reported vulnerabilities this month are [CVE-2021-1727](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1727>), an EoP vulnerability in Windows Installer; [CVE-2021-24098](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24098>), a DoS vulnerability in the Windows Console Driver; [CVE-2021-24106](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24106>), an information-disclosure vulnerability in Windows DirectX; and [CVE-2021-1721](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1721>), a .NET Core and Visual Studio DoS problem.\n\n## **Zerologon Redux**\n\nMicrosoft also again released the patch for the Netlogon vulnerability (CVE-2020-1472), which originally was resolved in August. The vulnerability has [consistently been exploited](<https://threatpost.com/microsoft-warns-zerologon-bug/160769/>) by threat actors, so the re-release serves to highlight its importance. Microsoft also starting Tuesday [began blocking by default](<https://threatpost.com/microsoft-implements-windows-zerologon-flaw-enforcement-mode/163104/>) any vulnerable connections on devices that could be used to exploit the flaw. It does this by enabling domain controller \u201cenforcement mode.\u201d\n\n\u201cWhen you consider that Zerologon led the U.S. government to issue an Emergency Directive to all federal agencies to promptly apply the patches for this vulnerability, you start to understand the gravity of the situation,\u201d Satnam Narang, staff research engineer at Tenable, told Threatpost. \u201cZerologon provides attackers a reliable way to move laterally once inside a network, giving them the ability to impersonate systems, alter passwords, and gain control over the proverbial keys to the kingdom via the domain controller itself.\u201d\n\nHe added, \u201cFor these reasons, Zerologon has been rolled into attacker playbooks, becoming a feather in the cap for post-compromise activity. We\u2019ve also seen reports of Zerologon being favored by ransomware groups like Ryuk during their campaigns.\u201d\n\n## **What Should IT Patch First?**\n\n\u201cWindows OS updates and [Adobe Acrobat and Reader](<https://threatpost.com/critical-adobe-windows-flaw/163789/>) need immediate attention with the list of exploited and publicly disclosed vulnerabilities,\u201d said Goettl.\n\nAfter that, development tools and IT tools \u201cneed some attention,\u201d he added.\n\n\u201c.Net Core and PsExec disclosures are a concern that should not go unaddressed. Because this development and IT tools do not follow the same update process as OS and application updates, it is important to review your DevOps processes and determine if you are able to detect and respond to updates for common dev components,\u201d he said. \u201cFor tools like PsExec it is important to understand your software inventory and where these tools are installed and ensure you can distribute updated versions as needed.\u201d\n\n**_Is your business an easy mark? _**_Save your spot for \u201c15 Cybersecurity Gaffes SMBs Make,\u201d **a **_**[_FREE Threatpost webinar_](<https://threatpost.com/webinars/15-cybersecurity-gaffes-and-fixes-mid-size-businesses-face/?utm_source=ART&utm_medium=ART&utm_campaign=Feb_webinar>) **_**on Feb. 24 at 2 p.m. ET.** Cybercriminals count on you making these mistakes, but our experts will help you lock down your small- to mid-sized business like it was a Fortune 100. __[Register here](<https://threatpost.com/webinars/15-cybersecurity-gaffes-and-fixes-mid-size-businesses-face/?utm_source=ART&utm_medium=ART&utm_campaign=Feb_webinar>)__ for the Wed., Feb. 24 LIVE webinar. _\n", "cvss3": {}, "published": "2021-02-09T22:33:08", "type": "threatpost", "title": "Actively Exploited Windows Kernel Bug Allows Takeover", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2020-0986", "CVE-2020-1472", "CVE-2021-1721", "CVE-2021-1722", "CVE-2021-1727", "CVE-2021-1732", "CVE-2021-1733", "CVE-2021-24074", "CVE-2021-24077", "CVE-2021-24078", "CVE-2021-24081", "CVE-2021-24088", "CVE-2021-24091", "CVE-2021-24093", "CVE-2021-24094", "CVE-2021-24098", "CVE-2021-24106", "CVE-2021-24112", "CVE-2021-26701"], "modified": "2021-02-09T22:33:08", "id": "THREATPOST:1502920D4F50B0D128077B515815C023", "href": "https://threatpost.com/exploited-windows-kernel-bug-takeover/163800/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "rapid7blog": [{"lastseen": "2021-02-10T00:48:57", "description": "![Patch Tuesday - February 2021](https://blog.rapid7.com/content/images/2021/02/patches-2.jpg)\n\nThe second Patch Tuesday of 2021 is relatively light on the vulnerability count, with 64 CVEs being addressed across the majority of Microsoft\u2019s product families. Despite that, there\u2019s still plenty to discuss this month.\n\n### Vulnerability Breakdown by Software Family\n\nFamily | Vulnerability Count \n---|--- \nWindows | 28 \nESU | 14 \nMicrosoft Office | 11 \nBrowser | 9 \nDeveloper Tools | 8 \nMicrosoft Dynamics | 2 \nExchange Server | 2 \nAzure | 2 \nSystem Center | 2 \n \n### Exploited and Publicly Disclosed Vulnerabilities\n\nOne zero-day was announced: [CVE-2021-1732](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1732>) is a privilege elevation vulnerability affecting the Win32k component of Windows 10 and Windows Server 2019, reported to be exploited in the wild. Four vulnerabilities have been previously disclosed: [CVE-2021-1727](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1727>), a privilege elevation vulnerability in Windows Installer, affecting all supported versions of Windows; [CVE-2021-24098](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24098>), which is a denial of service (DoS) affecting Windows 10 and Server 2019; [CVE-2021-24106](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24106>), an information disclosure vulnerability affecting DirectX in Windows 10 and Server 2019; and [CVE-2021-26701](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26701>), an RCE in .NET Core.\n\n### Vulnerabilities in Windows TCP/IP\n\nMicrosoft also disclosed a set of [three serious vulnerabilities](<https://msrc-blog.microsoft.com/2021/02/09/multiple-security-updates-affecting-tcp-ip/>) affecting the TCP/IP networking stack in all supported versions of Windows. Two of these ([CVE-2021-24074](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24074>) and [CVE-2021-24094](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24094>)) carry a base CVSSv3 score of 9.8 and could allow Remote Code Execution (RCE). [CVE-2021-24094](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24094>) is specific to IPv6 link-local addresses, meaning it isn\u2019t exploitable over the public internet. [CVE-2021-24074](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24074>), however, does not have this limitation. The third, [CVE-2021-24086](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24086>), is a DoS vulnerability that could allow an attacker to trigger a \u201cblue screen of death\u201d on any Windows system that is directly exposed to the internet, using only a small amount of network traffic. The RCE exploits are probably not a threat in the short term, due to the complexity of the vulnerabilities, but DoS attacks are expected to be seen much more quickly. Windows systems should be patched as soon as possible to protect against these.\n\nIn the event a patch cannot be applied immediately, such as on systems that cannot be rebooted, Microsoft has published mitigation guidance that will protect against exploitation of the TCP/IP vulnerabilities. Depending on the exposure of an asset, IPv4 Source Routing should be disabled via a Group Policy or a Netsh command, and IPv6 packet reassembly should be disabled via a separate Netsh command. IPv4 Source Routing requests and IPv6 fragments can also be blocked load balancers, firewalls, or other edge devices to mitigate these issues.\n\n### Zerologon Update\n\nBack in August, 2020, Microsoft addressed a critical remote code vulnerability (CVE-2020-1472) affecting the Netlogon protocol (MS-NRPC), a.k.a. \u201c[Zerologon](<https://blog.rapid7.com/2020/09/14/cve-2020-1472-zerologon-critical-privilege-escalation/>)\u201d. In October, Microsoft [noted](<https://msrc-blog.microsoft.com/2020/10/29/attacks-exploiting-netlogon-vulnerability-cve-2020-1472/>) that attacks which exploit this weakness have been seen in the wild. On January 14, 2021, they [reminded](<https://msrc-blog.microsoft.com/2021/01/14/netlogon-domain-controller-enforcement-mode-is-enabled-by-default-beginning-with-the-february-9-2021-security-update-related-to-cve-2020-1472/>) organizations that the February 2021 security update bundle will also be enabling \u201cDomain Controller enforcement mode\" by default to fully address this weakness. Any system that tries to make an insecure Netlogon connection will be denied access. Any business-critical process that relies on these insecure connections will cease to function. Rapid7 encourages all organizations to [heed the detailed guidance](<https://support.microsoft.com/en-us/topic/how-to-manage-the-changes-in-netlogon-secure-channel-connections-associated-with-cve-2020-1472-f7e8cc17-0309-1d6a-304e-5ba73cd1a11e#bkmk_detectingnon_compliant>) before applying the latest updates to ensure continued business process continuity.\n\n### Adobe\n\nMost important amongst the [six security advisories](<https://helpx.adobe.com/security.html>) published by Adobe today is [APSB21-09](<https://helpx.adobe.com/security/products/acrobat/apsb21-09.html>), detailing 23 CVEs affecting Adobe Acrobat and Reader. Six of these are rated Critical and allow Arbitrary Code Execution, and one of which (CVE-2021-21017), has been seen exploited in the wild in attacks targeting Adobe Reader users on Windows.\n\n### Summary Tables\n\n#### Azure Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-24109](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24109>) | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | No | No | 6.8 | Yes \n[CVE-2021-24087](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24087>) | Azure IoT CLI extension Elevation of Privilege Vulnerability | No | No | 7 | Yes \n \n#### Browser Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-24100](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24100>) | Microsoft Edge for Android Information Disclosure Vulnerability | No | No | 5 | Yes \n[CVE-2021-24113](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24113>) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | No | No | 4.6 | Yes \n[CVE-2021-21148](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21148>) | Chromium CVE-2021-21148: Heap buffer overflow in V8 | N/A | N/A | nan | Yes \n[CVE-2021-21147](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21147>) | Chromium CVE-2021-21147: Inappropriate implementation in Skia | N/A | N/A | nan | Yes \n[CVE-2021-21146](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21146>) | Chromium CVE-2021-21146: Use after free in Navigation | N/A | N/A | nan | Yes \n[CVE-2021-21145](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21145>) | Chromium CVE-2021-21145: Use after free in Fonts | N/A | N/A | nan | Yes \n[CVE-2021-21144](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21144>) | Chromium CVE-2021-21144: Heap buffer overflow in Tab Groups | N/A | N/A | nan | Yes \n[CVE-2021-21143](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21143>) | Chromium CVE-2021-21143: Heap buffer overflow in Extensions | N/A | N/A | nan | Yes \n[CVE-2021-21142](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21142>) | Chromium CVE-2021-21142: Use after free in Payments | N/A | N/A | nan | Yes \n \n#### Developer Tools Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-26700](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26700>) | Visual Studio Code npm-script Extension Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-1639](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1639>) | Visual Studio Code Remote Code Execution Vulnerability | No | No | 7 | No \n[CVE-2021-1733](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1733>) | Sysinternals PsExec Elevation of Privilege Vulnerability | No | Yes | 7.8 | Yes \n[CVE-2021-24105](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24105>) | Package Managers Configurations Remote Code Execution Vulnerability | No | No | 8.4 | Yes \n[CVE-2021-24111](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24111>) | .NET Framework Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2021-1721](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1721>) | .NET Core and Visual Studio Denial of Service Vulnerability | No | Yes | 6.5 | No \n[CVE-2021-26701](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26701>) | .NET Core Remote Code Execution Vulnerability | No | Yes | 8.1 | Yes \n[CVE-2021-24112](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24112>) | .NET Core Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n \n#### ESU Windows Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-24080](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24080>) | Windows Trust Verification API Denial of Service Vulnerability | No | No | 6.5 | No \n[CVE-2021-24074](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24074>) | Windows TCP/IP Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2021-24094](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24094>) | Windows TCP/IP Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2021-24086](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24086>) | Windows TCP/IP Denial of Service Vulnerability | No | No | 7.5 | Yes \n[CVE-2021-1734](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1734>) | Windows Remote Procedure Call Information Disclosure Vulnerability | No | No | 7.5 | Yes \n[CVE-2021-25195](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-25195>) | Windows PKU2U Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-24088](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24088>) | Windows Local Spooler Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-1727](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1727>) | Windows Installer Elevation of Privilege Vulnerability | No | Yes | 7.8 | No \n[CVE-2021-24077](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24077>) | Windows Fax Service Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2021-1722](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1722>) | Windows Fax Service Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2021-24102](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24102>) | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-24103](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24103>) | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-24078](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24078>) | Windows DNS Server Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2021-24083](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24083>) | Windows Address Book Remote Code Execution Vulnerability | No | No | 7.8 | No \n \n#### Exchange Server Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-24085](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24085>) | Microsoft Exchange Server Spoofing Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-1730](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1730>) | Microsoft Exchange Server Spoofing Vulnerability | No | No | 5.4 | Yes \n \n#### Microsoft Dynamics Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-1724](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1724>) | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | No | No | 6.1 | No \n[CVE-2021-24101](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24101>) | Microsoft Dataverse Information Disclosure Vulnerability | No | No | 6.5 | Yes \n \n#### Microsoft Office Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-24073](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24073>) | Skype for Business and Lync Spoofing Vulnerability | No | No | 6.5 | No \n[CVE-2021-24099](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24099>) | Skype for Business and Lync Denial of Service Vulnerability | No | No | 6.5 | No \n[CVE-2021-24114](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24114>) | Microsoft Teams iOS Information Disclosure Vulnerability | No | No | 5.7 | Yes \n[CVE-2021-1726](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1726>) | Microsoft SharePoint Spoofing Vulnerability | No | No | 8 | Yes \n[CVE-2021-24072](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24072>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-24066](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24066>) | Microsoft SharePoint Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2021-24071](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24071>) | Microsoft SharePoint Information Disclosure Vulnerability | No | No | 5.3 | Yes \n[CVE-2021-24067](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24067>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-24068](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24068>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-24069](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24069>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-24070](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24070>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n \n## System Center Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-1728](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1728>) | System Center Operations Manager Elevation of Privilege Vulnerability | No | No | 8.8 | Yes \n[CVE-2021-24092](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24092>) | Microsoft Defender Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n \n#### Windows Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-1732](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1732>) | Windows Win32k Elevation of Privilege Vulnerability | Yes | No | 7.8 | No \n[CVE-2021-1698](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1698>) | Windows Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-24075](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24075>) | Windows Network File System Denial of Service Vulnerability | No | No | 6.8 | No \n[CVE-2021-24084](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24084>) | Windows Mobile Device Management Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-24096](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24096>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-24093](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24093>) | Windows Graphics Component Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2021-24106](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24106>) | Windows DirectX Information Disclosure Vulnerability | No | Yes | 5.5 | Yes \n[CVE-2021-24098](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24098>) | Windows Console Driver Denial of Service Vulnerability | No | Yes | 5.5 | Yes \n[CVE-2021-24091](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24091>) | Windows Camera Codec Pack Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-24079](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24079>) | Windows Backup Engine Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-1731](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1731>) | PFX Encryption Security Feature Bypass Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-24082](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24082>) | Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability | No | No | 4.3 | No \n[CVE-2021-24076](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24076>) | Microsoft Windows VMSwitch Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-24081](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24081>) | Microsoft Windows Codecs Library Remote Code Execution Vulnerability | No | No | 7.8 | No \n \n### Summary Charts\n\n![Patch Tuesday - February 2021](https://blog.rapid7.com/content/images/2021/02/2021-02-vuln_count_component.png)![Patch Tuesday - February 2021](https://blog.rapid7.com/content/images/2021/02/2021-02-cvssv3_hist.png)![Patch Tuesday - February 2021](https://blog.rapid7.com/content/images/2021/02/2021-02-vuln_count_severity.png)![Patch Tuesday - February 2021](https://blog.rapid7.com/content/images/2021/02/2021-02-vuln_count_impact.png)\n\n________Note: _______Chart_______ data is reflective of data presented by Microsoft's CVRF at the time of writing.________", "cvss3": {}, "published": "2021-02-09T23:51:27", "type": "rapid7blog", "title": "Patch Tuesday - February 2021", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2020-1472", "CVE-2021-1639", "CVE-2021-1698", "CVE-2021-1721", "CVE-2021-1722", "CVE-2021-1724", "CVE-2021-1726", "CVE-2021-1727", "CVE-2021-1728", "CVE-2021-1730", "CVE-2021-1731", "CVE-2021-1732", "CVE-2021-1733", "CVE-2021-1734", "CVE-2021-21017", "CVE-2021-21142", "CVE-2021-21143", "CVE-2021-21144", "CVE-2021-21145", "CVE-2021-21146", "CVE-2021-21147", "CVE-2021-21148", "CVE-2021-24066", "CVE-2021-24067", "CVE-2021-24068", "CVE-2021-24069", "CVE-2021-24070", "CVE-2021-24071", "CVE-2021-24072", "CVE-2021-24073", "CVE-2021-24074", "CVE-2021-24075", "CVE-2021-24076", "CVE-2021-24077", "CVE-2021-24078", "CVE-2021-24079", "CVE-2021-24080", "CVE-2021-24081", "CVE-2021-24082", "CVE-2021-24083", "CVE-2021-24084", "CVE-2021-24085", "CVE-2021-24086", "CVE-2021-24087", "CVE-2021-24088", "CVE-2021-24091", "CVE-2021-24092", "CVE-2021-24093", "CVE-2021-24094", "CVE-2021-24096", "CVE-2021-24098", "CVE-2021-24099", "CVE-2021-24100", "CVE-2021-24101", "CVE-2021-24102", "CVE-2021-24103", "CVE-2021-24105", "CVE-2021-24106", "CVE-2021-24109", "CVE-2021-24111", "CVE-2021-24112", "CVE-2021-24113", "CVE-2021-24114", "CVE-2021-25195", "CVE-2021-26700", "CVE-2021-26701"], "modified": "2021-02-09T23:51:27", "id": "RAPID7BLOG:44EA89871AFF6881B909B9FD0E07034F", "href": "https://blog.rapid7.com/2021/02/09/patch-tuesday-february-2021/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}