| Reporter | Title | Published | Views | Family All 158 |
|---|---|---|---|---|
| Safari RSS feed:// Buffer Overflow via libxml2 Exploit PoC | 26 May 200900:00 | – | zdt | |
| Mac OS X 10.5 < 10.5.7 Multiple Vulnerabilities | 18 Aug 200400:00 | – | nessus | |
| Safari < 3.2.3 Multiple Vulnerabilities | 18 Aug 200400:00 | – | nessus | |
| Sun Java System Access Manager 7.1 < Patch 3 Multiple Vulnerabilities | 13 Aug 200900:00 | – | nessus | |
| Sun OpenSSO Enterprise 8.0 < Patch1 Update1 Memory Corruption | 13 Aug 200900:00 | – | nessus | |
| CentOS 3 / 4 / 5 : libxml2 (CESA-2008:0884) | 12 Sep 200800:00 | – | nessus | |
| Debian DSA-1654-1 : libxml2 - buffer overflow | 15 Oct 200800:00 | – | nessus | |
| FreeBSD : libxml2 -- two vulnerabilities (d71da236-9a94-11dd-8f42-001c2514716c) | 15 Oct 200800:00 | – | nessus | |
| GLSA-200812-06 : libxml2: Multiple vulnerabilities | 3 Dec 200800:00 | – | nessus | |
| Mac OS X 10.5.x < 10.5.7 Multiple Vulnerabilities | 13 May 200900:00 | – | nessus |
| Source | Link |
|---|---|
| getupdates | www.getupdates.oracle.com/readme/125731-12 |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(107442);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2008-3529");
script_name(english:"Solaris 10 (sparc) : 125731-12");
script_summary(english:"Check for patch 125731-12");
script_set_attribute(
attribute:"synopsis",
value:"The remote host is missing Sun Security Patch number 125731-12"
);
script_set_attribute(
attribute:"description",
value:
"SunOS 5.10: XML and XSLT libraries patch.
Date this patch was last updated by Sun : Jun/11/15"
);
script_set_attribute(
attribute:"see_also",
value:"https://getupdates.oracle.com/readme/125731-12"
);
script_set_attribute(attribute:"solution", value:"Install patch 125731-12 or higher");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2008-3529");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(119);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:125731");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:148668");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10");
script_set_attribute(attribute:"vuln_publication_date", value:"2008/09/12");
script_set_attribute(attribute:"patch_publication_date", value:"2015/06/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Solaris Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("solaris.inc");
showrev = get_kb_item("Host/Solaris/showrev");
if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris");
os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev);
if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris");
full_ver = os_ver[1];
os_level = os_ver[2];
if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level);
package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev);
if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);
package_arch = package_arch[1];
if (package_arch != "sparc") audit(AUDIT_ARCH_NOT, "sparc", package_arch);
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (solaris_check_patch(release:"5.10", arch:"sparc", patch:"125731-12", obsoleted_by:"", package:"SUNWlxml-python", version:"11.10.0,REV=2007.02.19.08.51") < 0) flag++;
if (solaris_check_patch(release:"5.10", arch:"sparc", patch:"125731-12", obsoleted_by:"", package:"SUNWlxml", version:"11.10.0,REV=2005.01.08.05.16") < 0) flag++;
if (solaris_check_patch(release:"5.10", arch:"sparc", patch:"125731-12", obsoleted_by:"", package:"SUNWlxmlS", version:"11.10.0,REV=2005.01.08.05.16") < 0) flag++;
if (solaris_check_patch(release:"5.10", arch:"sparc", patch:"125731-12", obsoleted_by:"", package:"SUNWlxsl", version:"11.10.0,REV=2005.01.08.05.16") < 0) flag++;
if (solaris_check_patch(release:"5.10", arch:"sparc", patch:"125731-12", obsoleted_by:"", package:"SUNWlxslS", version:"11.10.0,REV=2005.01.08.05.16") < 0) flag++;
if (flag) {
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : solaris_get_report()
);
} else {
patch_fix = solaris_patch_fix_get();
if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10");
tested = solaris_pkg_tests_get();
if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWlxml / SUNWlxml-python / SUNWlxmlS / SUNWlxsl / SUNWlxslS");
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation