ID SUSE_SU-2015-1705-1.NASL Type nessus Reporter Tenable Modified 2018-11-29T00:00:00
Description
A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2015:1705-1.
# The text itself is copyright (C) SUSE.
#
include("compat.inc");
if (description)
{
script_id(86342);
script_version("2.10");
script_cvs_date("Date: 2018/11/29 12:03:38");
script_cve_id("CVE-2015-7236");
script_name(english:"SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"A use-after-free security bug in rpcbind was fixed which could lead to
a remote denial of service.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=940191"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=946204"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7236/"
);
# https://www.suse.com/support/update/announcement/2015/suse-su-20151705-1.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?1efcd32c"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Server 12 :
zypper in -t patch SUSE-SLE-SERVER-12-2015-659=1
To bring your system up-to-date, use 'zypper patch'."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:rpcbind");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:rpcbind-debugsource");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"patch_publication_date", value:"2015/09/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/10/12");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = eregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! ereg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! ereg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"0", reference:"rpcbind-0.2.1_rc4-13.3.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"rpcbind-debuginfo-0.2.1_rc4-13.3.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"rpcbind-debugsource-0.2.1_rc4-13.3.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rpcbind");
}
{"id": "SUSE_SU-2015-1705-1.NASL", "bulletinFamily": "scanner", "title": "SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)", "description": "A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-10-12T00:00:00", "modified": "2018-11-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=86342", "reporter": "Tenable", "references": ["https://www.suse.com/security/cve/CVE-2015-7236/", "https://bugzilla.suse.com/show_bug.cgi?id=940191", "http://www.nessus.org/u?1efcd32c", "https://bugzilla.suse.com/show_bug.cgi?id=946204"], "cvelist": ["CVE-2015-7236"], "type": "nessus", "lastseen": "2019-02-21T01:25:11", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:rpcbind", "p-cpe:/a:novell:suse_linux:rpcbind-debugsource", "p-cpe:/a:novell:suse_linux:rpcbind-debuginfo"], "cvelist": ["CVE-2015-7236"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "b34dbe582be0057c5bb32d03597276445f4187c0c79729725558e6d07f21233a", "hashmap": [{"hash": "f7ebdbf41af458fbc2a14a3d5089eb8c", "key": "title"}, {"hash": "633a602cf148e765cb339404a97c2ba6", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "68f2eecc3fdf8e61c1779f93fc8fa7ca", "key": "cpe"}, {"hash": "cd7f06b305448a9b8c094a46db6650de", "key": "references"}, {"hash": "ca5a4ac53628a49016f60030300963a7", "key": "description"}, {"hash": "21d85ac356942e38bedd62956a962b5a", "key": "modified"}, {"hash": "61617f54fa56a70e9ff446dfbedc7b29", "key": "sourceData"}, {"hash": "4aaf3bb116b6d1ef45df10ddf536ed8c", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bd75f42f6fe258f45aab58412efd9c81", "key": "href"}, {"hash": "84b34fb10a0d853935d984fb3c7ebef5", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=86342", "id": "SUSE_SU-2015-1705-1.NASL", "lastseen": "2018-08-30T19:32:17", "modified": "2018-08-02T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "86342", "published": "2015-10-12T00:00:00", "references": ["https://bugzilla.suse.com/946204", "https://bugzilla.suse.com/940191", "https://www.suse.com/security/cve/CVE-2015-7236.html", "http://www.nessus.org/u?1efcd32c"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1705-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86342);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/08/02 16:41:58\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236.html\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151705-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1efcd32c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-659=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debuginfo-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debugsource-0.2.1_rc4-13.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "title": "SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)", "type": "nessus", "viewCount": 5}, "differentElements": ["cvss"], "edition": 7, "lastseen": "2018-08-30T19:32:17"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2015-7236"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "enchantments": {}, "hash": "a49e48ae552a9db17f70c20f5e429b851103e81bfe596d3411f2eb1b6614ccd5", "hashmap": [{"hash": "f7ebdbf41af458fbc2a14a3d5089eb8c", "key": "title"}, {"hash": "be0ae773bc5f311ac60836fc21bc8c6c", "key": "sourceData"}, {"hash": "633a602cf148e765cb339404a97c2ba6", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "cd7f06b305448a9b8c094a46db6650de", "key": "references"}, {"hash": "ca5a4ac53628a49016f60030300963a7", "key": "description"}, {"hash": "b017f8fd1f68bf1ce3326a29d49bf7f3", "key": "modified"}, {"hash": "4aaf3bb116b6d1ef45df10ddf536ed8c", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bd75f42f6fe258f45aab58412efd9c81", "key": "href"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "84b34fb10a0d853935d984fb3c7ebef5", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=86342", "id": "SUSE_SU-2015-1705-1.NASL", "lastseen": "2016-12-28T06:09:25", "modified": "2016-12-27T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.2", "pluginID": "86342", "published": "2015-10-12T00:00:00", "references": ["https://bugzilla.suse.com/946204", "https://bugzilla.suse.com/940191", "https://www.suse.com/security/cve/CVE-2015-7236.html", "http://www.nessus.org/u?1efcd32c"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1705-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86342);\n script_version(\"$Revision: 2.6 $\");\n script_cvs_date(\"$Date: 2016/12/27 20:14:33 $\");\n\n script_cve_id(\"CVE-2015-7236\");\n script_osvdb_id(127773);\n\n script_name(english:\"SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236.html\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151705-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1efcd32c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-659=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:ND/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debuginfo-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debugsource-0.2.1_rc4-13.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "title": "SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)", "type": "nessus", "viewCount": 4}, "differentElements": ["cpe"], "edition": 3, "lastseen": "2016-12-28T06:09:25"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:rpcbind", "p-cpe:/a:novell:suse_linux:rpcbind-debugsource", "p-cpe:/a:novell:suse_linux:rpcbind-debuginfo"], "cvelist": ["CVE-2015-7236"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "99551ea7a5bc998e4ae4da2cd4bbc28d7aa733ae9906dd77dbb480e992f83215", "hashmap": [{"hash": "f7ebdbf41af458fbc2a14a3d5089eb8c", "key": "title"}, {"hash": "633a602cf148e765cb339404a97c2ba6", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "68f2eecc3fdf8e61c1779f93fc8fa7ca", "key": "cpe"}, {"hash": "cd7f06b305448a9b8c094a46db6650de", "key": "references"}, {"hash": "ca5a4ac53628a49016f60030300963a7", "key": "description"}, {"hash": "21d85ac356942e38bedd62956a962b5a", "key": "modified"}, {"hash": "61617f54fa56a70e9ff446dfbedc7b29", "key": "sourceData"}, {"hash": "4aaf3bb116b6d1ef45df10ddf536ed8c", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bd75f42f6fe258f45aab58412efd9c81", "key": "href"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "84b34fb10a0d853935d984fb3c7ebef5", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=86342", "id": "SUSE_SU-2015-1705-1.NASL", "lastseen": "2018-08-05T11:36:47", "modified": "2018-08-02T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "86342", "published": "2015-10-12T00:00:00", "references": ["https://bugzilla.suse.com/946204", "https://bugzilla.suse.com/940191", "https://www.suse.com/security/cve/CVE-2015-7236.html", "http://www.nessus.org/u?1efcd32c"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1705-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86342);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/08/02 16:41:58\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236.html\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151705-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1efcd32c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-659=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debuginfo-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debugsource-0.2.1_rc4-13.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "title": "SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)", "type": "nessus", "viewCount": 5}, "differentElements": ["cvss"], "edition": 6, "lastseen": "2018-08-05T11:36:47"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:rpcbind", "p-cpe:/a:novell:suse_linux:rpcbind-debugsource", "p-cpe:/a:novell:suse_linux:rpcbind-debuginfo"], "cvelist": ["CVE-2015-7236"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 9, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "fe66578d065f29e28f356027f59720a94db8da31bfc883790f881307d8e484d8", "hashmap": [{"hash": "f7ebdbf41af458fbc2a14a3d5089eb8c", "key": "title"}, {"hash": "633a602cf148e765cb339404a97c2ba6", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "68f2eecc3fdf8e61c1779f93fc8fa7ca", "key": "cpe"}, {"hash": "960ed9ce5e0eeda372df3d25e189aa75", "key": "sourceData"}, {"hash": "ca5a4ac53628a49016f60030300963a7", "key": "description"}, {"hash": "4aaf3bb116b6d1ef45df10ddf536ed8c", "key": "cvelist"}, {"hash": "7af010949daf346b87306c1ab222ff37", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "3c764d4cf584f9ded7aa4dcca57c78ff", "key": "modified"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bd75f42f6fe258f45aab58412efd9c81", "key": "href"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "84b34fb10a0d853935d984fb3c7ebef5", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=86342", "id": "SUSE_SU-2015-1705-1.NASL", "lastseen": "2018-11-13T16:45:25", "modified": "2018-11-10T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "86342", "published": "2015-10-12T00:00:00", "references": ["https://bugzilla.suse.com/946204", "https://bugzilla.suse.com/940191", "https://www.suse.com/security/cve/CVE-2015-7236/", "http://www.nessus.org/u?1efcd32c"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1705-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86342);\n script_version(\"2.9\");\n script_cvs_date(\"Date: 2018/11/10 11:50:03\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151705-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1efcd32c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-659=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debuginfo-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debugsource-0.2.1_rc4-13.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "title": "SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)", "type": "nessus", "viewCount": 5}, "differentElements": ["references", "modified", "sourceData"], "edition": 9, "lastseen": "2018-11-13T16:45:25"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2015-7236"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "hash": "af7e351e1a4fba65f1194447b7a348cfdc16fe4b98acacbaf675feb66da6120d", "hashmap": [{"hash": "08217ecdc6775ddf8ce296aba42404b4", "key": "sourceData"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "f7ebdbf41af458fbc2a14a3d5089eb8c", "key": "title"}, {"hash": "633a602cf148e765cb339404a97c2ba6", "key": "pluginID"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "cd7f06b305448a9b8c094a46db6650de", "key": "references"}, {"hash": "ca5a4ac53628a49016f60030300963a7", "key": "description"}, {"hash": "8a31f2b6d2231902c635291bbdb739b6", "key": "modified"}, {"hash": "4aaf3bb116b6d1ef45df10ddf536ed8c", "key": "cvelist"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bd75f42f6fe258f45aab58412efd9c81", "key": "href"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "84b34fb10a0d853935d984fb3c7ebef5", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=86342", "id": "SUSE_SU-2015-1705-1.NASL", "lastseen": "2016-09-26T17:23:28", "modified": "2016-05-19T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.2", "pluginID": "86342", "published": "2015-10-12T00:00:00", "references": ["https://bugzilla.suse.com/946204", "https://bugzilla.suse.com/940191", "https://www.suse.com/security/cve/CVE-2015-7236.html", "http://www.nessus.org/u?1efcd32c"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1705-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86342);\n script_version(\"$Revision: 2.4 $\");\n script_cvs_date(\"$Date: 2016/05/19 18:02:20 $\");\n\n script_cve_id(\"CVE-2015-7236\");\n script_osvdb_id(127773);\n\n script_name(english:\"SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236.html\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151705-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1efcd32c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-659=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:ND/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debuginfo-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debugsource-0.2.1_rc4-13.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "title": "SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:23:28"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2015-7236"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "hash": "c1db99ab6b8b7e5290330a8b2ae3545bf7aba9d3bb39af8f8255da39174dbffe", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "f7ebdbf41af458fbc2a14a3d5089eb8c", "key": "title"}, {"hash": "633a602cf148e765cb339404a97c2ba6", "key": "pluginID"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "cd7f06b305448a9b8c094a46db6650de", "key": "references"}, {"hash": "132b1b89ab6aa57018d0f7d58122c20b", "key": "cvss"}, {"hash": "ca5a4ac53628a49016f60030300963a7", "key": "description"}, {"hash": "45e06f4e442586fa6bc2a3b777216370", "key": "sourceData"}, {"hash": "bcd8abde7f060a8789d08ba0ba73d345", "key": "modified"}, {"hash": "4aaf3bb116b6d1ef45df10ddf536ed8c", "key": "cvelist"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bd75f42f6fe258f45aab58412efd9c81", "key": "href"}, {"hash": "84b34fb10a0d853935d984fb3c7ebef5", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=86342", "id": "SUSE_SU-2015-1705-1.NASL", "lastseen": "2016-10-13T21:23:34", "modified": "2016-10-13T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.2", "pluginID": "86342", "published": "2015-10-12T00:00:00", "references": ["https://bugzilla.suse.com/946204", "https://bugzilla.suse.com/940191", "https://www.suse.com/security/cve/CVE-2015-7236.html", "http://www.nessus.org/u?1efcd32c"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1705-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86342);\n script_version(\"$Revision: 2.5 $\");\n script_cvs_date(\"$Date: 2016/10/13 14:46:31 $\");\n\n script_cve_id(\"CVE-2015-7236\");\n script_osvdb_id(127773);\n\n script_name(english:\"SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236.html\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151705-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1efcd32c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-659=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:ND/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debuginfo-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debugsource-0.2.1_rc4-13.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "title": "SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)", "type": "nessus", "viewCount": 2}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2016-10-13T21:23:34"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:rpcbind", "p-cpe:/a:novell:suse_linux:rpcbind-debugsource", "p-cpe:/a:novell:suse_linux:rpcbind-debuginfo"], "cvelist": ["CVE-2015-7236"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "d232c59ba4c834dbf301550b8979d283ce6f53f9a95d4a7e36881462eb0b817e", "hashmap": [{"hash": "f7ebdbf41af458fbc2a14a3d5089eb8c", "key": "title"}, {"hash": "be0ae773bc5f311ac60836fc21bc8c6c", "key": "sourceData"}, {"hash": "633a602cf148e765cb339404a97c2ba6", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "68f2eecc3fdf8e61c1779f93fc8fa7ca", "key": "cpe"}, {"hash": "cd7f06b305448a9b8c094a46db6650de", "key": "references"}, {"hash": "ca5a4ac53628a49016f60030300963a7", "key": "description"}, {"hash": "b017f8fd1f68bf1ce3326a29d49bf7f3", "key": "modified"}, {"hash": "4aaf3bb116b6d1ef45df10ddf536ed8c", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bd75f42f6fe258f45aab58412efd9c81", "key": "href"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "84b34fb10a0d853935d984fb3c7ebef5", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=86342", "id": "SUSE_SU-2015-1705-1.NASL", "lastseen": "2017-10-29T13:34:14", "modified": "2016-12-27T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "86342", "published": "2015-10-12T00:00:00", "references": ["https://bugzilla.suse.com/946204", "https://bugzilla.suse.com/940191", "https://www.suse.com/security/cve/CVE-2015-7236.html", "http://www.nessus.org/u?1efcd32c"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1705-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86342);\n script_version(\"$Revision: 2.6 $\");\n script_cvs_date(\"$Date: 2016/12/27 20:14:33 $\");\n\n script_cve_id(\"CVE-2015-7236\");\n script_osvdb_id(127773);\n\n script_name(english:\"SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236.html\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151705-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1efcd32c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-659=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:ND/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debuginfo-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debugsource-0.2.1_rc4-13.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "title": "SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)", "type": "nessus", "viewCount": 5}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2017-10-29T13:34:14"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:rpcbind", "p-cpe:/a:novell:suse_linux:rpcbind-debugsource", "p-cpe:/a:novell:suse_linux:rpcbind-debuginfo"], "cvelist": ["CVE-2015-7236"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 10, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "862afdd81bef2f3f2396692ffc3dcd56693e3cb28d0de70e04fff72819c84381", "hashmap": [{"hash": "7691633fca0e0a11264bf627c99f3991", "key": "sourceData"}, {"hash": "f7ebdbf41af458fbc2a14a3d5089eb8c", "key": "title"}, {"hash": "633a602cf148e765cb339404a97c2ba6", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "68f2eecc3fdf8e61c1779f93fc8fa7ca", "key": "cpe"}, {"hash": "21fdd306479b20da988e9279c12e51d8", "key": "modified"}, {"hash": "214029be6b8b39369e4e540d43710a26", "key": "references"}, {"hash": "ca5a4ac53628a49016f60030300963a7", "key": "description"}, {"hash": "4aaf3bb116b6d1ef45df10ddf536ed8c", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bd75f42f6fe258f45aab58412efd9c81", "key": "href"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "84b34fb10a0d853935d984fb3c7ebef5", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=86342", "id": "SUSE_SU-2015-1705-1.NASL", "lastseen": "2018-11-30T07:18:35", "modified": "2018-11-29T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "86342", "published": "2015-10-12T00:00:00", "references": ["https://www.suse.com/security/cve/CVE-2015-7236/", "https://bugzilla.suse.com/show_bug.cgi?id=940191", "http://www.nessus.org/u?1efcd32c", "https://bugzilla.suse.com/show_bug.cgi?id=946204"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1705-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86342);\n script_version(\"2.10\");\n script_cvs_date(\"Date: 2018/11/29 12:03:38\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151705-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1efcd32c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-659=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debuginfo-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debugsource-0.2.1_rc4-13.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "title": "SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)", "type": "nessus", "viewCount": 5}, "differentElements": ["description"], "edition": 10, "lastseen": "2018-11-30T07:18:35"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:rpcbind", "p-cpe:/a:novell:suse_linux:rpcbind-debugsource", "p-cpe:/a:novell:suse_linux:rpcbind-debuginfo"], "cvelist": ["CVE-2015-7236"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 11, "enchantments": {"dependencies": {"modified": "2019-01-16T20:22:30", "references": [{"idList": ["USN-2756-1"], "type": "ubuntu"}, {"idList": ["ELSA-2016-0005"], "type": "oraclelinux"}, {"idList": ["OPENVAS:1361412562310806707", "OPENVAS:1361412562310120649", "OPENVAS:1361412562310122813", "OPENVAS:1361412562310882367", "OPENVAS:1361412562310130008", "OPENVAS:703366", "OPENVAS:1361412562310703366", "OPENVAS:1361412562310882364", "OPENVAS:1361412562310871537", "OPENVAS:1361412562310842473"], "type": "openvas"}, {"idList": ["SOL44340019", "F5:K44340019"], "type": "f5"}, {"idList": ["GLSA-201611-17"], "type": "gentoo"}, {"idList": ["CESA-2016:0005"], "type": "centos"}, {"idList": ["ORACLE:CPUAPR2016V3-2985753"], "type": "oracle"}, {"idList": ["CVE-2015-7236"], "type": "cve"}, {"idList": ["0E5D6969-600A-11E6-A6C3-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["RHSA-2016:0005"], "type": "redhat"}, {"idList": ["ALAS-2016-659"], "type": "amazon"}, {"idList": ["SUSE_SU-2015-1705-2.NASL", "CENTOS_RHSA-2016-0005.NASL", "REDHAT-RHSA-2016-0005.NASL", "DEBIAN_DLA-311.NASL", "GENTOO_GLSA-201611-17.NASL", "SUSE_SU-2015-1706-2.NASL", "SOLARIS_APR2016_SRU11_3_4_5_0.NASL", "SUSE_SU-2015-1706-1.NASL", "DEBIAN_DSA-3366.NASL", "ORACLELINUX_ELSA-2016-0005.NASL"], "type": "nessus"}, {"idList": ["ASA-201509-10"], "type": "archlinux"}, {"idList": ["SECURITYVULNS:VULN:14701", "SECURITYVULNS:DOC:32521"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-3366-1:9CDF5", "DEBIAN:DLA-311-1:16C90"], "type": "debian"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "e0acadc3f8a7be61edd460ea0cf47408d6e1df0a829c0ba4ec05599facdf05f4", "hashmap": [{"hash": "7691633fca0e0a11264bf627c99f3991", "key": "sourceData"}, {"hash": "f7ebdbf41af458fbc2a14a3d5089eb8c", "key": "title"}, {"hash": "633a602cf148e765cb339404a97c2ba6", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "68f2eecc3fdf8e61c1779f93fc8fa7ca", "key": "cpe"}, {"hash": "21fdd306479b20da988e9279c12e51d8", "key": "modified"}, {"hash": "214029be6b8b39369e4e540d43710a26", "key": "references"}, {"hash": "4aaf3bb116b6d1ef45df10ddf536ed8c", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bd75f42f6fe258f45aab58412efd9c81", "key": "href"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "84b34fb10a0d853935d984fb3c7ebef5", "key": "published"}, {"hash": "558ed55265d1f23312d3443124d1d18f", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=86342", "id": "SUSE_SU-2015-1705-1.NASL", "lastseen": "2019-01-16T20:22:30", "modified": "2018-11-29T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "86342", "published": "2015-10-12T00:00:00", "references": ["https://www.suse.com/security/cve/CVE-2015-7236/", "https://bugzilla.suse.com/show_bug.cgi?id=940191", "http://www.nessus.org/u?1efcd32c", "https://bugzilla.suse.com/show_bug.cgi?id=946204"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1705-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86342);\n script_version(\"2.10\");\n script_cvs_date(\"Date: 2018/11/29 12:03:38\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151705-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1efcd32c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-659=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debuginfo-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debugsource-0.2.1_rc4-13.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "title": "SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)", "type": "nessus", "viewCount": 5}, "differentElements": ["description"], "edition": 11, "lastseen": "2019-01-16T20:22:30"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:rpcbind", "p-cpe:/a:novell:suse_linux:rpcbind-debugsource", "p-cpe:/a:novell:suse_linux:rpcbind-debuginfo"], "cvelist": ["CVE-2015-7236"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "bf2d296a1837269176ffe4559d3f65b2cd5defe8845da8252f011ce6529d7dca", "hashmap": [{"hash": "b462ec2894d00943db97e08ecf12cf79", "key": "sourceData"}, {"hash": "f7ebdbf41af458fbc2a14a3d5089eb8c", "key": "title"}, {"hash": "633a602cf148e765cb339404a97c2ba6", "key": "pluginID"}, {"hash": "5eb19ee518099c64f9faa78cd1870cc0", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "68f2eecc3fdf8e61c1779f93fc8fa7ca", "key": "cpe"}, {"hash": "cd7f06b305448a9b8c094a46db6650de", "key": "references"}, {"hash": "ca5a4ac53628a49016f60030300963a7", "key": "description"}, {"hash": "4aaf3bb116b6d1ef45df10ddf536ed8c", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bd75f42f6fe258f45aab58412efd9c81", "key": "href"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "84b34fb10a0d853935d984fb3c7ebef5", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=86342", "id": "SUSE_SU-2015-1705-1.NASL", "lastseen": "2018-08-01T09:38:03", "modified": "2018-07-31T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "86342", "published": "2015-10-12T00:00:00", "references": ["https://bugzilla.suse.com/946204", "https://bugzilla.suse.com/940191", "https://www.suse.com/security/cve/CVE-2015-7236.html", "http://www.nessus.org/u?1efcd32c"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1705-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86342);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2018/07/31 17:27:54\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236.html\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151705-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1efcd32c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-659=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debuginfo-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debugsource-0.2.1_rc4-13.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "title": "SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)", "type": "nessus", "viewCount": 5}, "differentElements": ["modified", "sourceData"], "edition": 5, "lastseen": "2018-08-01T09:38:03"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:rpcbind", "p-cpe:/a:novell:suse_linux:rpcbind-debugsource", "p-cpe:/a:novell:suse_linux:rpcbind-debuginfo"], "cvelist": ["CVE-2015-7236"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 8, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "99551ea7a5bc998e4ae4da2cd4bbc28d7aa733ae9906dd77dbb480e992f83215", "hashmap": [{"hash": "f7ebdbf41af458fbc2a14a3d5089eb8c", "key": "title"}, {"hash": "633a602cf148e765cb339404a97c2ba6", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "68f2eecc3fdf8e61c1779f93fc8fa7ca", "key": "cpe"}, {"hash": "cd7f06b305448a9b8c094a46db6650de", "key": "references"}, {"hash": "ca5a4ac53628a49016f60030300963a7", "key": "description"}, {"hash": "21d85ac356942e38bedd62956a962b5a", "key": "modified"}, {"hash": "61617f54fa56a70e9ff446dfbedc7b29", "key": "sourceData"}, {"hash": "4aaf3bb116b6d1ef45df10ddf536ed8c", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "bd75f42f6fe258f45aab58412efd9c81", "key": "href"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "84b34fb10a0d853935d984fb3c7ebef5", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=86342", "id": "SUSE_SU-2015-1705-1.NASL", "lastseen": "2018-09-01T23:35:04", "modified": "2018-08-02T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "86342", "published": "2015-10-12T00:00:00", "references": ["https://bugzilla.suse.com/946204", "https://bugzilla.suse.com/940191", "https://www.suse.com/security/cve/CVE-2015-7236.html", "http://www.nessus.org/u?1efcd32c"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1705-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86342);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/08/02 16:41:58\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236.html\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151705-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1efcd32c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-659=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debuginfo-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debugsource-0.2.1_rc4-13.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "title": "SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)", "type": "nessus", "viewCount": 5}, "differentElements": ["references", "modified", "sourceData"], "edition": 8, "lastseen": "2018-09-01T23:35:04"}], "edition": 12, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "68f2eecc3fdf8e61c1779f93fc8fa7ca"}, {"key": "cvelist", "hash": "4aaf3bb116b6d1ef45df10ddf536ed8c"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "ca5a4ac53628a49016f60030300963a7"}, {"key": "href", "hash": "bd75f42f6fe258f45aab58412efd9c81"}, {"key": "modified", "hash": "21fdd306479b20da988e9279c12e51d8"}, {"key": "naslFamily", "hash": "71a40666da62ba38d22539c8277870c7"}, {"key": "pluginID", "hash": "633a602cf148e765cb339404a97c2ba6"}, {"key": "published", "hash": "84b34fb10a0d853935d984fb3c7ebef5"}, {"key": "references", "hash": "214029be6b8b39369e4e540d43710a26"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "7691633fca0e0a11264bf627c99f3991"}, {"key": "title", "hash": "f7ebdbf41af458fbc2a14a3d5089eb8c"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "862afdd81bef2f3f2396692ffc3dcd56693e3cb28d0de70e04fff72819c84381", "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-7236"]}, {"type": "f5", "idList": ["SOL44340019", "F5:K44340019"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310882364", "OPENVAS:1361412562310703366", "OPENVAS:703366", "OPENVAS:1361412562310882367", "OPENVAS:1361412562310130008", "OPENVAS:1361412562310120649", "OPENVAS:1361412562310122813", "OPENVAS:1361412562310806707", "OPENVAS:1361412562310871537", "OPENVAS:1361412562310842473"]}, {"type": "archlinux", "idList": ["ASA-201509-10"]}, {"type": "freebsd", "idList": ["0E5D6969-600A-11E6-A6C3-14DAE9D210B8"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32521", "SECURITYVULNS:VULN:14701"]}, {"type": "nessus", "idList": ["SOLARIS10_152264.NASL", "SOLARIS_APR2016_SRU11_3_4_5_0.NASL", "DEBIAN_DLA-311.NASL", "SL_20160107_RPCBIND_ON_SL6_X.NASL", "SUSE_SU-2015-1705-2.NASL", "SUSE_SU-2015-1706-1.NASL", "GENTOO_GLSA-201611-17.NASL", "DEBIAN_DSA-3366.NASL", "SOLARIS10_X86_152265.NASL", "FEDORA_2015-9EEE2FBC78.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-0005"]}, {"type": "amazon", "idList": ["ALAS-2016-659"]}, {"type": "gentoo", "idList": ["GLSA-201611-17"]}, {"type": "redhat", "idList": ["RHSA-2016:0005"]}, {"type": "centos", "idList": ["CESA-2016:0005"]}, {"type": "ubuntu", "idList": ["USN-2756-1"]}, {"type": "debian", "idList": ["DEBIAN:DLA-311-1:16C90", "DEBIAN:DSA-3366-1:9CDF5"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2016V3-2985753"]}], "modified": "2019-02-21T01:25:11"}, "score": {"value": 5.7, "vector": "NONE", "modified": "2019-02-21T01:25:11"}, "vulnersScore": 5.7}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1705-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86342);\n script_version(\"2.10\");\n script_cvs_date(\"Date: 2018/11/29 12:03:38\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"SUSE SLES12 Security Update : rpcbind (SUSE-SU-2015:1705-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151705-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1efcd32c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-659=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debuginfo-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"rpcbind-debugsource-0.2.1_rc4-13.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "naslFamily": "SuSE Local Security Checks", "pluginID": "86342", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:rpcbind", "p-cpe:/a:novell:suse_linux:rpcbind-debugsource", "p-cpe:/a:novell:suse_linux:rpcbind-debuginfo"], "scheme": null}
{"cve": [{"lastseen": "2019-05-29T18:14:44", "bulletinFamily": "NVD", "description": "Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.\n<a href=\"http://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", "modified": "2017-07-01T01:29:00", "id": "CVE-2015-7236", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7236", "published": "2015-10-01T20:59:00", "title": "CVE-2015-7236", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2016-11-05T05:25:20", "bulletinFamily": "software", "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2016-11-04T00:00:00", "published": "2016-11-04T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/44/sol44340019.html", "id": "SOL44340019", "type": "f5", "title": "SOL44340019 - rpcbind use-after-free vulnerability CVE-2015-7236", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-06-08T00:16:26", "bulletinFamily": "software", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.1| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebSafe| None| 12.0.0 - 12.1.1 \n11.6.0 - 11.6.1| Not vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.1.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0 - 2.0.1| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| None| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2016-11-05T04:25:00", "published": "2016-11-05T04:25:00", "href": "https://support.f5.com/csp/article/K44340019", "id": "F5:K44340019", "type": "f5", "title": "rpcbind use-after-free vulnerability CVE-2015-7236 ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "amazon": [{"lastseen": "2019-05-29T19:20:39", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nA use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote, unauthenticated attacker could possibly exploit this flaw to crash the rpcbind service (denial of service) by performing a series of UDP and TCP calls.\n\n \n**Affected Packages:** \n\n\nrpcbind\n\n \n**Issue Correction:** \nRun _yum update rpcbind_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n rpcbind-0.2.0-11.8.amzn1.i686 \n rpcbind-debuginfo-0.2.0-11.8.amzn1.i686 \n \n src: \n rpcbind-0.2.0-11.8.amzn1.src \n \n x86_64: \n rpcbind-debuginfo-0.2.0-11.8.amzn1.x86_64 \n rpcbind-0.2.0-11.8.amzn1.x86_64 \n \n \n", "modified": "2016-03-10T16:30:00", "published": "2016-03-10T16:30:00", "id": "ALAS-2016-659", "href": "https://alas.aws.amazon.com/ALAS-2016-659.html", "title": "Medium: rpcbind", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:00", "bulletinFamily": "unix", "description": "[0.2.0-11.el6_7]\n- Fix memory corruption in PMAP_CALLIT code (bz 1283638)", "modified": "2016-01-07T00:00:00", "published": "2016-01-07T00:00:00", "id": "ELSA-2016-0005", "href": "http://linux.oracle.com/errata/ELSA-2016-0005.html", "title": "rpcbind security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2016-11-22T12:55:27", "bulletinFamily": "unix", "description": "### Background\n\nThe RPCBind utility is a server that converts RPC program numbers into universal addresses. \n\n### Description\n\nA use-after-free vulnerability was discovered in RPCBind\u2019s svc_dodestroy function when trying to free a corrupted xprt->xp_netid pointer. \n\n### Impact\n\nA remote attacker could possibly cause a Denial of Service condition.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll RPCBind users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-nds/rpcbind-0.2.3-r1\"", "modified": "2016-11-22T00:00:00", "published": "2016-11-22T00:00:00", "id": "GLSA-201611-17", "href": "https://security.gentoo.org/glsa/201611-17", "type": "gentoo", "title": "RPCBind: Denial of Service", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-05-29T18:35:27", "bulletinFamily": "scanner", "description": "Amazon Linux Local Security Checks", "modified": "2019-03-14T00:00:00", "published": "2016-03-11T00:00:00", "id": "OPENVAS:1361412562310120649", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120649", "title": "Amazon Linux Local Check: alas-2016-659", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2016-659.nasl 6574 2017-07-06 13:41:26Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120649\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-11 07:09:12 +0200 (Fri, 11 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Amazon Linux Local Check: alas-2016-659\");\n script_tag(name:\"insight\", value:\"A use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote, unauthenticated attacker could possibly exploit this flaw to crash the rpcbind service (denial of service) by performing a series of UDP and TCP calls.\");\n script_tag(name:\"solution\", value:\"Run yum update rpcbind to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-659.html\");\n script_cve_id(\"CVE-2015-7236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"rpcbind\", rpm:\"rpcbind~0.2.0~11.8.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"rpcbind-debuginfo\", rpm:\"rpcbind-debuginfo~0.2.0~11.8.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:39", "bulletinFamily": "scanner", "description": "Check the version of rpcbind", "modified": "2019-03-08T00:00:00", "published": "2016-01-08T00:00:00", "id": "OPENVAS:1361412562310882364", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882364", "title": "CentOS Update for rpcbind CESA-2016:0005 centos7", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for rpcbind CESA-2016:0005 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882364\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-08 06:31:07 +0100 (Fri, 08 Jan 2016)\");\n script_cve_id(\"CVE-2015-7236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for rpcbind CESA-2016:0005 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of rpcbind\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The rpcbind utility is a server that\nconverts RPC program numbers into universal addresses. It must be running on the\nhost to be able to make RPC calls on a server on that machine.\n\nA use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP\nconnections was discovered in rpcbind. A remote attacker could possibly\nexploit this flaw to crash the rpcbind service by performing a series of\nUDP and TCP calls. (CVE-2015-7236)\n\nAll rpcbind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. If the rpcbind service\nis running, it will be automatically restarted after installing this\nupdate.\");\n script_tag(name:\"affected\", value:\"rpcbind on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:0005\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-January/021604.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpcbind\", rpm:\"rpcbind~0.2.0~33.el7_2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:01", "bulletinFamily": "scanner", "description": "A remotely triggerable use-after-free vulnerability was found in\nrpcbind, a server that converts RPC program numbers into universal\naddresses. A remote attacker can take advantage of this flaw to mount a\ndenial of service (rpcbind crash).", "modified": "2019-03-18T00:00:00", "published": "2015-09-23T00:00:00", "id": "OPENVAS:1361412562310703366", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703366", "title": "Debian Security Advisory DSA 3366-1 (rpcbind - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3366.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3366-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703366\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2015-7236\");\n script_name(\"Debian Security Advisory DSA 3366-1 (rpcbind - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-23 00:00:00 +0200 (Wed, 23 Sep 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3366.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(7|8)\");\n script_tag(name:\"affected\", value:\"rpcbind on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy), this problem has been fixed\nin version 0.2.0-8+deb7u1.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 0.2.1-6+deb8u1.\n\nWe recommend that you upgrade your rpcbind packages.\");\n script_tag(name:\"summary\", value:\"A remotely triggerable use-after-free vulnerability was found in\nrpcbind, a server that converts RPC program numbers into universal\naddresses. A remote attacker can take advantage of this flaw to mount a\ndenial of service (rpcbind crash).\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"rpcbind\", ver:\"0.2.0-8+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"rpcbind\", ver:\"0.2.1-6+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:33", "bulletinFamily": "scanner", "description": "Check the version of rpcbind", "modified": "2019-03-08T00:00:00", "published": "2016-01-08T00:00:00", "id": "OPENVAS:1361412562310882367", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882367", "title": "CentOS Update for rpcbind CESA-2016:0005 centos6", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for rpcbind CESA-2016:0005 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882367\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-08 06:31:17 +0100 (Fri, 08 Jan 2016)\");\n script_cve_id(\"CVE-2015-7236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for rpcbind CESA-2016:0005 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of rpcbind\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The rpcbind utility is a server that\nconverts RPC program numbers into universal addresses. It must be running on\nthe host to be able to make RPC calls on a server on that machine.\n\nA use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP\nconnections was discovered in rpcbind. A remote attacker could possibly\nexploit this flaw to crash the rpcbind service by performing a series of\nUDP and TCP calls. (CVE-2015-7236)\n\nAll rpcbind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. If the rpcbind service\nis running, it will be automatically restarted after installing this\nupdate.\");\n script_tag(name:\"affected\", value:\"rpcbind on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:0005\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-January/021593.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpcbind\", rpm:\"rpcbind~0.2.0~11.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:33", "bulletinFamily": "scanner", "description": "Mageia Linux Local Security Checks mgasa-2015-0383", "modified": "2018-09-28T00:00:00", "published": "2015-10-15T00:00:00", "id": "OPENVAS:1361412562310130008", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130008", "title": "Mageia Linux Local Check: mgasa-2015-0383", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0383.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.130008\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 10:41:27 +0300 (Thu, 15 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0383\");\n script_tag(name:\"insight\", value:\"Updated rpcbind package fixes security vulnerability: A remotely triggerable use-after-free vulnerability was found in rpcbind, a server that converts RPC program numbers into universal addresses. A remote attacker can take advantage of this flaw to mount a denial of service (rpcbind crash) (CVE-2015-7236).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0383.html\");\n script_cve_id(\"CVE-2015-7236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0383\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"rpcbind\", rpm:\"rpcbind~0.2.2~1.1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:53:29", "bulletinFamily": "scanner", "description": "A remotely triggerable use-after-free vulnerability was found in\nrpcbind, a server that converts RPC program numbers into universal\naddresses. A remote attacker can take advantage of this flaw to mount a\ndenial of service (rpcbind crash).", "modified": "2017-07-07T00:00:00", "published": "2015-09-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703366", "id": "OPENVAS:703366", "title": "Debian Security Advisory DSA 3366-1 (rpcbind - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3366.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3366-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703366);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-7236\");\n script_name(\"Debian Security Advisory DSA 3366-1 (rpcbind - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-09-23 00:00:00 +0200 (Wed, 23 Sep 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3366.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"rpcbind on Debian Linux\");\n script_tag(name: \"insight\", value: \"The rpcbind utility is a server that converts RPC program numbers\ninto universal addresses.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy), this problem has been fixed\nin version 0.2.0-8+deb7u1.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 0.2.1-6+deb8u1.\n\nWe recommend that you upgrade your rpcbind packages.\");\n script_tag(name: \"summary\", value: \"A remotely triggerable use-after-free vulnerability was found in\nrpcbind, a server that converts RPC program numbers into universal\naddresses. A remote attacker can take advantage of this flaw to mount a\ndenial of service (rpcbind crash).\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"rpcbind\", ver:\"0.2.0-8+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"rpcbind\", ver:\"0.2.1-6+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:42", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2016-0005", "modified": "2019-03-14T00:00:00", "published": "2016-01-08T00:00:00", "id": "OPENVAS:1361412562310122813", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122813", "title": "Oracle Linux Local Check: ELSA-2016-0005", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2016-0005.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122813\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-01-08 07:47:18 +0200 (Fri, 08 Jan 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2016-0005\");\n script_tag(name:\"insight\", value:\"ELSA-2016-0005 - rpcbind security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2016-0005\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2016-0005.html\");\n script_cve_id(\"CVE-2015-7236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"rpcbind\", rpm:\"rpcbind~0.2.0~33.el7_2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"rpcbind\", rpm:\"rpcbind~0.2.0~11.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:36", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-11-20T00:00:00", "id": "OPENVAS:1361412562310806707", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806707", "title": "Fedora Update for rpcbind FEDORA-2015-9", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rpcbind FEDORA-2015-9\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806707\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-20 06:19:18 +0100 (Fri, 20 Nov 2015)\");\n script_cve_id(\"CVE-2015-7236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rpcbind FEDORA-2015-9\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rpcbind'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rpcbind on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172152.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpcbind\", rpm:\"rpcbind~0.2.3~0.3.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:15", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2016-01-08T00:00:00", "id": "OPENVAS:1361412562310871537", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871537", "title": "RedHat Update for rpcbind RHSA-2016:0005-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for rpcbind RHSA-2016:0005-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871537\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-08 06:30:15 +0100 (Fri, 08 Jan 2016)\");\n script_cve_id(\"CVE-2015-7236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for rpcbind RHSA-2016:0005-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rpcbind'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The rpcbind utility is a server that converts\nRPC program numbers into universal addresses. It must be running on the host to be\nable to make RPC calls on a server on that machine.\n\nA use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP\nconnections was discovered in rpcbind. A remote attacker could possibly\nexploit this flaw to crash the rpcbind service by performing a series of\nUDP and TCP calls. (CVE-2015-7236)\n\nAll rpcbind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. If the rpcbind service\nis running, it will be automatically restarted after installing this\nupdate.\");\n script_tag(name:\"affected\", value:\"rpcbind on Red Hat Enterprise Linux\nDesktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:0005-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-January/msg00002.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpcbind\", rpm:\"rpcbind~0.2.0~33.el7_2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpcbind-debuginfo\", rpm:\"rpcbind-debuginfo~0.2.0~33.el7_2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"rpcbind\", rpm:\"rpcbind~0.2.0~11.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpcbind-debuginfo\", rpm:\"rpcbind-debuginfo~0.2.0~11.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:49", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-10-01T00:00:00", "id": "OPENVAS:1361412562310842473", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842473", "title": "Ubuntu Update for rpcbind USN-2756-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for rpcbind USN-2756-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842473\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-01 07:13:14 +0200 (Thu, 01 Oct 2015)\");\n script_cve_id(\"CVE-2015-7236\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for rpcbind USN-2756-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rpcbind'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that rpcbind incorrectly\nhandled certain memory structures. A remote attacker could use this issue to cause\nrpcbind to crash, resulting in a denial of service, or possibly execute arbitrary\ncode.\");\n script_tag(name:\"affected\", value:\"rpcbind on Ubuntu 15.04,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2756-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2756-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(15\\.04|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"rpcbind\", ver:\"0.2.1-6ubuntu3.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"rpcbind\", ver:\"0.2.1-2ubuntu2.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"rpcbind\", ver:\"0.2.0-7ubuntu1.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:02", "bulletinFamily": "software", "description": "User-after-free conditions.", "modified": "2015-10-05T00:00:00", "published": "2015-10-05T00:00:00", "id": "SECURITYVULNS:VULN:14701", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14701", "title": "rpcbind use-after-free", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:11:01", "bulletinFamily": "software", "description": "\r\n\r\n=============================================================================\r\nFreeBSD-SA-15:24.rpcbind Security Advisory\r\n The FreeBSD Project\r\n\r\nTopic: rpcbind(8) remote denial of service\r\n\r\nCategory: core\r\nModule: rpcbind\r\nAnnounced: 2015-09-29\r\nAffects: All supported versions of FreeBSD.\r\nCorrected: 2015-09-29 18:06:27 UTC (stable/10, 10.2-STABLE)\r\n 2015-09-29 18:07:18 UTC (releng/10.2, 10.2-RELEASE-p4)\r\n 2015-09-29 18:07:18 UTC (releng/10.1, 10.1-RELEASE-p21)\r\n 2015-09-29 18:06:27 UTC (stable/9, 9.3-STABLE)\r\n 2015-09-29 18:07:18 UTC (releng/9.3, 9.3-RELEASE-p27)\r\nCVE Name: CVE-2015-7236\r\n\r\nFor general information regarding FreeBSD Security Advisories,\r\nincluding descriptions of the fields above, security branches, and the\r\nfollowing sections, please visit <URL:https://security.FreeBSD.org/>.\r\n\r\nI. Background\r\n\r\nSun RPC is a remote procedure call framework which allows clients to invoke\r\nprocedures in a server process over a network transparently.\r\n\r\nThe rpcbind(8) utility is a server that converts RPC program numbers into\r\nuniversal addresses. It must be running on the host to be able to make RPC\r\ncalls on a server on that machine.\r\n\r\nThe Sun RPC framework uses a netbuf structure to represent the transport\r\nspecific form of a universal transport address. The structure is expected\r\nto be opaque to consumers. In the current implementation, the structure\r\ncontains a pointer to a buffer that holds the actual address.\r\n\r\nII. Problem Description\r\n\r\nIn rpcbind(8), netbuf structures are copied directly, which would result in\r\ntwo netbuf structures that reference to one shared address buffer. When one\r\nof the two netbuf structures is freed, access to the other netbuf structure\r\nwould result in an undefined result that may crash the rpcbind(8) daemon.\r\n\r\nIII. Impact\r\n\r\nA remote attacker who can send specifically crafted packets to the rpcbind(8)\r\ndaemon can cause it to crash, resulting in a denial of service condition.\r\n\r\nIV. Workaround\r\n\r\nNo workaround is available, but systems that do not provide the rpcbind(8)\r\nservice to untrusted systems, or do not provide any RPC services are not\r\nvulnerable. On FreeBSD, typical RPC based services includes NIS and NFS.\r\n\r\nAlternatively, rpcbind(8) can be configured to bind on specific IP\r\naddress(es) by using the '-h' option. This may be used to reduce the attack\r\nvector when the system has multiple network interfaces and when some of them\r\nwould face an untrusted network.\r\n\r\nV. Solution\r\n\r\nPerform one of the following:\r\n\r\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\r\nrelease / security branch (releng) dated after the correction date.\r\n\r\nRestart the applicable daemons, or reboot the system. Because rpcbind(8)\r\nis an essential service to all RPC service daemons, these daemons may also\r\nneed to be restarted.\r\n\r\n2) To update your vulnerable system via a binary patch:\r\n\r\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\r\nplatforms can be updated via the freebsd-update(8) utility:\r\n\r\n# freebsd-update fetch\r\n# freebsd-update install\r\n\r\nRestart the applicable daemons, or reboot the system. Because rpcbind(8)\r\nis an essential service to all RPC service daemons, these daemons may also\r\nneed to be restarted.\r\n\r\n3) To update your vulnerable system via a source code patch:\r\n\r\nThe following patches have been verified to apply to the applicable\r\nFreeBSD release branches.\r\n\r\na) Download the relevant patch from the location below, and verify the\r\ndetached PGP signature using your PGP utility.\r\n\r\n# fetch https://security.FreeBSD.org/patches/SA-15:24/rpcbind.patch\r\n# fetch https://security.FreeBSD.org/patches/SA-15:24/rpcbind.patch.asc\r\n# gpg --verify rpcbind.patch.asc\r\n\r\nb) Apply the patch. Execute the following commands as root:\r\n\r\n# cd /usr/src\r\n# patch < /path/to/patch\r\n\r\nc) Recompile the operating system using buildworld and installworld as\r\ndescribed in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.\r\n\r\nRestart the applicable daemons, or reboot the system.\r\n\r\nVI. Correction details\r\n\r\nThe following list contains the correction revision numbers for each\r\naffected branch.\r\n\r\nBranch/path Revision\r\n-------------------------------------------------------------------------\r\nstable/9/ r288384\r\nreleng/9.3/ r288385\r\nstable/10/ r288384\r\nreleng/10.1/ r288385\r\nreleng/10.2/ r288385\r\n-------------------------------------------------------------------------\r\n\r\nTo see which files were modified by a particular revision, run the\r\nfollowing command, replacing NNNNNN with the revision number, on a\r\nmachine with Subversion installed:\r\n\r\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\r\n\r\nOr visit the following URL, replacing NNNNNN with the revision number:\r\n\r\n<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>\r\n\r\nVII. References\r\n\r\n<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7236>\r\n\r\n<URL:https://bugzilla.suse.com/show_bug.cgi?id=946204>\r\n\r\nThe latest revision of this advisory is available at\r\n<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:24.rpcbind.asc>\r\n\r\n", "modified": "2015-10-05T00:00:00", "published": "2015-10-05T00:00:00", "id": "SECURITYVULNS:DOC:32521", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32521", "title": "FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:25:11", "bulletinFamily": "scanner", "description": "A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-29T00:00:00", "id": "SUSE_SU-2015-1706-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86344", "published": "2015-10-12T00:00:00", "title": "SUSE SLED11 / SLES11 Security Update : rpcbind (SUSE-SU-2015:1706-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1706-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86344);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/11/29 12:03:38\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"SUSE SLED11 / SLES11 Security Update : rpcbind (SUSE-SU-2015:1706-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151706-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa6a1a4b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for VMWare 11-SP3 :\n\nzypper in -t patch slessp3-rpcbind-12123=1\n\nSUSE Linux Enterprise Server 11-SP4 :\n\nzypper in -t patch slessp4-rpcbind-12123=1\n\nSUSE Linux Enterprise Server 11-SP3 :\n\nzypper in -t patch slessp3-rpcbind-12123=1\n\nSUSE Linux Enterprise Desktop 11-SP4 :\n\nzypper in -t patch sledsp4-rpcbind-12123=1\n\nSUSE Linux Enterprise Desktop 11-SP3 :\n\nzypper in -t patch sledsp3-rpcbind-12123=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4 :\n\nzypper in -t patch dbgsp4-rpcbind-12123=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3 :\n\nzypper in -t patch dbgsp3-rpcbind-12123=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED11|SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11 / SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED11\" && (! ereg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"rpcbind-0.1.6+git20080930-6.24.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"rpcbind-0.1.6+git20080930-6.24.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"rpcbind-0.1.6+git20080930-6.24.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"rpcbind-0.1.6+git20080930-6.24.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"rpcbind-0.1.6+git20080930-6.24.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"rpcbind-0.1.6+git20080930-6.24.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"rpcbind-0.1.6+git20080930-6.24.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:28:32", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201611-17 (RPCBind: Denial of Service)\n\n A use-after-free vulnerability was discovered in RPCBind’s svc_dodestroy function when trying to free a corrupted xprt->xp_netid pointer.\n Impact :\n\n A remote attacker could possibly cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2016-11-23T00:00:00", "id": "GENTOO_GLSA-201611-17.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=95268", "published": "2016-11-23T00:00:00", "title": "GLSA-201611-17 : RPCBind: Denial of Service", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201611-17.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95268);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2016/11/23 14:38:51 $\");\n\n script_cve_id(\"CVE-2015-7236\");\n script_xref(name:\"GLSA\", value:\"201611-17\");\n\n script_name(english:\"GLSA-201611-17 : RPCBind: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201611-17\n(RPCBind: Denial of Service)\n\n A use-after-free vulnerability was discovered in RPCBind’s\n svc_dodestroy function when trying to free a corrupted xprt->xp_netid\n pointer.\n \nImpact :\n\n A remote attacker could possibly cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201611-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All RPCBind users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-nds/rpcbind-0.2.3-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-nds/rpcbind\", unaffected:make_list(\"ge 0.2.3-r1\"), vulnerable:make_list(\"lt 0.2.3-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"RPCBind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:25:07", "bulletinFamily": "scanner", "description": "A remotely triggerable use-after-free vulnerability was found in rpcbind, a server that converts RPC program numbers into universal addresses. A remote attacker can take advantage of this flaw to mount a denial of service (rpcbind crash).", "modified": "2018-11-10T00:00:00", "id": "DEBIAN_DSA-3366.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86108", "published": "2015-09-24T00:00:00", "title": "Debian DSA-3366-1 : rpcbind - security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3366. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86108);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:37\");\n\n script_cve_id(\"CVE-2015-7236\");\n script_xref(name:\"DSA\", value:\"3366\");\n\n script_name(english:\"Debian DSA-3366-1 : rpcbind - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A remotely triggerable use-after-free vulnerability was found in\nrpcbind, a server that converts RPC program numbers into universal\naddresses. A remote attacker can take advantage of this flaw to mount\na denial of service (rpcbind crash).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/rpcbind\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/rpcbind\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3366\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the rpcbind packages.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 0.2.0-8+deb7u1.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 0.2.1-6+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"rpcbind\", reference:\"0.2.0-8+deb7u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"rpcbind\", reference:\"0.2.1-6+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:26:15", "bulletinFamily": "scanner", "description": "rpcbind-0.2.3-0.4.fc23 - Fixed Seg fault in PMAP_CALLIT code (bz1264351) rpcbind-0.2.3-0.3.fc22 - Fixed Seg fault in PMAP_CALLIT code (bz 1264351)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2016-10-18T00:00:00", "id": "FEDORA_2015-9EEE2FBC78.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=89339", "published": "2016-03-04T00:00:00", "title": "Fedora 22 : rpcbind-0.2.3-0.3.fc22 (2015-9eee2fbc78)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-9eee2fbc78.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89339);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2016/10/18 16:42:53 $\");\n\n script_cve_id(\"CVE-2015-7236\");\n script_xref(name:\"FEDORA\", value:\"2015-9eee2fbc78\");\n\n script_name(english:\"Fedora 22 : rpcbind-0.2.3-0.3.fc22 (2015-9eee2fbc78)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"rpcbind-0.2.3-0.4.fc23 - Fixed Seg fault in PMAP_CALLIT code\n(bz1264351) rpcbind-0.2.3-0.3.fc22 - Fixed Seg fault in PMAP_CALLIT\ncode (bz 1264351)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1159941\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1264351\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172152.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dabe2a37\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rpcbind package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"rpcbind-0.2.3-0.3.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:25:48", "bulletinFamily": "scanner", "description": "Updated rpcbind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe rpcbind utility is a server that converts RPC program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine.\n\nA use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote attacker could possibly exploit this flaw to crash the rpcbind service by performing a series of UDP and TCP calls. (CVE-2015-7236)\n\nAll rpcbind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the rpcbind service is running, it will be automatically restarted after installing this update.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2016-0005.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=87805", "published": "2016-01-08T00:00:00", "title": "RHEL 6 / 7 : rpcbind (RHSA-2016:0005)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0005. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87805);\n script_version(\"2.11\");\n script_cvs_date(\"Date: 2018/11/10 11:49:55\");\n\n script_cve_id(\"CVE-2015-7236\");\n script_xref(name:\"RHSA\", value:\"2016:0005\");\n\n script_name(english:\"RHEL 6 / 7 : rpcbind (RHSA-2016:0005)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated rpcbind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe rpcbind utility is a server that converts RPC program numbers into\nuniversal addresses. It must be running on the host to be able to make\nRPC calls on a server on that machine.\n\nA use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP\nconnections was discovered in rpcbind. A remote attacker could\npossibly exploit this flaw to crash the rpcbind service by performing\na series of UDP and TCP calls. (CVE-2015-7236)\n\nAll rpcbind users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. If the rpcbind\nservice is running, it will be automatically restarted after\ninstalling this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:0005\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7236\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rpcbind and / or rpcbind-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:0005\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"rpcbind-0.2.0-11.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"rpcbind-0.2.0-11.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rpcbind-0.2.0-11.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"rpcbind-debuginfo-0.2.0-11.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"rpcbind-debuginfo-0.2.0-11.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rpcbind-debuginfo-0.2.0-11.el6_7\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"rpcbind-0.2.0-33.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rpcbind-0.2.0-33.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"rpcbind-debuginfo-0.2.0-33.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rpcbind-debuginfo-0.2.0-33.el7_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind / rpcbind-debuginfo\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:26:32", "bulletinFamily": "scanner", "description": "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Utilities). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via RPC to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris.\n\nThis plugin has been deprecated and either replaced with individual 152265 patch-revision plugins, or deemed non-security related.", "modified": "2018-07-30T00:00:00", "id": "SOLARIS10_X86_152265.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=90089", "published": "2016-03-22T00:00:00", "title": "Solaris 10 (x86) : 152265-01 (deprecated)", "type": "nessus", "sourceData": "\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/03/12. Deprecated and either replaced by\n# individual patch-revision plugins, or has been deemed a\n# non-security advisory.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90089);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2018/07/30 13:40:15\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"Solaris 10 (x86) : 152265-01 (deprecated)\");\n script_summary(english:\"Check for patch 152265-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Vulnerability in the Solaris component of Oracle Sun Systems Products\nSuite (subcomponent: Utilities). Supported versions that are affected\nare 10 and 11.3. Easily exploitable vulnerability allows\nunauthenticated attacker with network access via RPC to compromise\nSolaris. Successful attacks of this vulnerability can result in\nunauthorized ability to cause a hang or frequently repeatable crash\n(complete DOS) of Solaris.\n\nThis plugin has been deprecated and either replaced with individual\n152265 patch-revision plugins, or deemed non-security related.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/152265-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Consult specific patch-revision plugins for patch 152265 instead.\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:26:32", "bulletinFamily": "scanner", "description": "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Utilities). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via RPC to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris.\n\nThis plugin has been deprecated and either replaced with individual 152264 patch-revision plugins, or deemed non-security related.", "modified": "2018-07-30T00:00:00", "id": "SOLARIS10_152264.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=90085", "published": "2016-03-22T00:00:00", "title": "Solaris 10 (sparc) : 152264-01 (deprecated)", "type": "nessus", "sourceData": "\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/03/12. Deprecated and either replaced by\n# individual patch-revision plugins, or has been deemed a\n# non-security advisory.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90085);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2018/07/30 13:40:15\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"Solaris 10 (sparc) : 152264-01 (deprecated)\");\n script_summary(english:\"Check for patch 152264-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Vulnerability in the Solaris component of Oracle Sun Systems Products\nSuite (subcomponent: Utilities). Supported versions that are affected\nare 10 and 11.3. Easily exploitable vulnerability allows\nunauthenticated attacker with network access via RPC to compromise\nSolaris. Successful attacks of this vulnerability can result in\nunauthorized ability to cause a hang or frequently repeatable crash\n(complete DOS) of Solaris.\n\nThis plugin has been deprecated and either replaced with individual\n152264 patch-revision plugins, or deemed non-security related.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/152264-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Consult specific patch-revision plugins for patch 152264 instead.\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:26:43", "bulletinFamily": "scanner", "description": "This Solaris system is missing necessary patches to address a critical security update :\n\n - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Utilities).\n Supported versions that are affected are 10 and 11.3.\n Easily exploitable vulnerability allows unauthenticated attacker with network access via RPC to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris.\n (CVE-2015-7236)", "modified": "2018-11-14T00:00:00", "id": "SOLARIS_APR2016_SRU11_3_4_5_0.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=90619", "published": "2016-04-21T00:00:00", "title": "Oracle Solaris Critical Patch Update : apr2016_SRU11_3_4_5_0", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle CPU for apr2016.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90619);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2018/11/14 14:36:23\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"Oracle Solaris Critical Patch Update : apr2016_SRU11_3_4_5_0\");\n script_summary(english:\"Check for the apr2016 CPU\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch from CPU\napr2016.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This Solaris system is missing necessary patches to address a critical\nsecurity update :\n\n - Vulnerability in the Solaris component of Oracle Sun\n Systems Products Suite (subcomponent: Utilities).\n Supported versions that are affected are 10 and 11.3.\n Easily exploitable vulnerability allows unauthenticated\n attacker with network access via RPC to compromise\n Solaris. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a hang or\n frequently repeatable crash (complete DOS) of Solaris.\n (CVE-2015-7236)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.oracle.com/epmos/faces/DocumentDisplay?id=2123591.1\"\n );\n # https://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/2948264.xml\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ae0f7f52\"\n );\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ffb7b96f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the apr2016 CPU from the Oracle support website.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\n\n\nfix_release = \"0.5.11-0.175.3.4.0.5.0\";\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.3.4.0.5.0\", sru:\"11.3.4.5.0\") > 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report2());\n else security_warning(0);\n exit(0);\n}\naudit(AUDIT_OS_RELEASE_NOT, \"Solaris\", fix_release, release);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:25:11", "bulletinFamily": "scanner", "description": "A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-29T00:00:00", "id": "SUSE_SU-2015-1705-2.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86343", "published": "2015-10-12T00:00:00", "title": "SUSE SLED12 Security Update : rpcbind (SUSE-SU-2015:1705-2)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1705-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86343);\n script_version(\"2.10\");\n script_cvs_date(\"Date: 2018/11/29 12:03:38\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"SUSE SLED12 Security Update : rpcbind (SUSE-SU-2015:1705-2)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free security bug in rpcbind was fixed which could lead to\na remote denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7236/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151705-2.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4d97f810\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2015-659=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rpcbind-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"rpcbind-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"rpcbind-debuginfo-0.2.1_rc4-13.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"rpcbind-debugsource-0.2.1_rc4-13.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rpcbind\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:25:05", "bulletinFamily": "scanner", "description": "A use-after-free vulnerability in rpcbind causing remotely triggerable crash was found. Rpcbind crashes in svc_dodestroy when trying to free a corrupted xprt->xp_netid pointer, which contains a sockaddr_in.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-07-09T00:00:00", "id": "DEBIAN_DLA-311.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86021", "published": "2015-09-21T00:00:00", "title": "Debian DLA-311-1 : rpcbind security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-311-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86021);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/07/09 12:26:57\");\n\n script_cve_id(\"CVE-2015-7236\");\n\n script_name(english:\"Debian DLA-311-1 : rpcbind security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free vulnerability in rpcbind causing remotely triggerable\ncrash was found. Rpcbind crashes in svc_dodestroy when trying to free\na corrupted xprt->xp_netid pointer, which contains a sockaddr_in.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/09/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/rpcbind\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected rpcbind package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rpcbind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"rpcbind\", reference:\"0.2.0-4.1+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-08-13T18:47:01", "bulletinFamily": "unix", "description": "The rpcbind utility is a server that converts RPC program numbers into\nuniversal addresses. It must be running on the host to be able to make RPC\ncalls on a server on that machine.\n\nA use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP\nconnections was discovered in rpcbind. A remote attacker could possibly\nexploit this flaw to crash the rpcbind service by performing a series of\nUDP and TCP calls. (CVE-2015-7236)\n\nAll rpcbind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. If the rpcbind service\nis running, it will be automatically restarted after installing this\nupdate.\n", "modified": "2018-06-06T20:24:37", "published": "2016-01-07T05:00:00", "id": "RHSA-2016:0005", "href": "https://access.redhat.com/errata/RHSA-2016:0005", "type": "redhat", "title": "(RHSA-2016:0005) Moderate: rpcbind security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:41", "bulletinFamily": "unix", "description": "A use-after-free vulnerability has been found in rpcbind, leading to\nmemory corruption then crash in the svc_dodestroy() function while\ntrying to free a corrupted xprt->xp_netid pointer.", "modified": "2015-09-25T00:00:00", "published": "2015-09-25T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html", "id": "ASA-201509-10", "title": "rpcbind: denial of service", "type": "archlinux", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:34", "bulletinFamily": "unix", "description": "\nProblem Description:\nIn rpcbind(8), netbuf structures are copied directly,\n\twhich would result in two netbuf structures that reference\n\tto one shared address buffer. When one of the two netbuf\n\tstructures is freed, access to the other netbuf structure\n\twould result in an undefined result that may crash the\n\trpcbind(8) daemon.\nImpact:\nA remote attacker who can send specifically crafted\n\tpackets to the rpcbind(8) daemon can cause it to crash,\n\tresulting in a denial of service condition.\n", "modified": "2015-09-29T00:00:00", "published": "2015-09-29T00:00:00", "id": "0E5D6969-600A-11E6-A6C3-14DAE9D210B8", "href": "https://vuxml.freebsd.org/freebsd/0e5d6969-600a-11e6-a6c3-14dae9d210b8.html", "title": "FreeBSD -- rpcbind(8) remote denial of service [REVISED]", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "centos": [{"lastseen": "2019-05-29T18:34:26", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2016:0005\n\n\nThe rpcbind utility is a server that converts RPC program numbers into\nuniversal addresses. It must be running on the host to be able to make RPC\ncalls on a server on that machine.\n\nA use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP\nconnections was discovered in rpcbind. A remote attacker could possibly\nexploit this flaw to crash the rpcbind service by performing a series of\nUDP and TCP calls. (CVE-2015-7236)\n\nAll rpcbind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. If the rpcbind service\nis running, it will be automatically restarted after installing this\nupdate.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-January/021593.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-January/021604.html\n\n**Affected packages:**\nrpcbind\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0005.html", "modified": "2016-01-07T22:29:35", "published": "2016-01-07T22:08:03", "href": "http://lists.centos.org/pipermail/centos-announce/2016-January/021593.html", "id": "CESA-2016:0005", "title": "rpcbind security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:22:00", "bulletinFamily": "unix", "description": "Package : rpcbind\nVersion : 0.2.0-4.1+deb6u1\nCVE ID : CVE-2015-7236\n\n\nA use-after-free vulnerability in rpcbind causing remotely triggerable \ncrash was found. Rpcbind crashes in svc_dodestroy when trying to free a \ncorrupted xprt->xp_netid pointer, which contains a sockaddr_in.\n\n", "modified": "2015-09-20T14:15:33", "published": "2015-09-20T14:15:33", "id": "DEBIAN:DLA-311-1:16C90", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201509/msg00006.html", "title": "[SECURITY] [DLA 311-1] rpcbind security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-30T02:21:22", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3366-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nSeptember 23, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : rpcbind\nCVE ID : CVE-2015-7236\nDebian Bug : 799307\n\nA remotely triggerable use-after-free vulnerability was found in\nrpcbind, a server that converts RPC program numbers into universal\naddresses. A remote attacker can take advantage of this flaw to mount a\ndenial of service (rpcbind crash).\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 0.2.0-8+deb7u1.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 0.2.1-6+deb8u1.\n\nWe recommend that you upgrade your rpcbind packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2015-09-23T20:35:19", "published": "2015-09-23T20:35:19", "id": "DEBIAN:DSA-3366-1:9CDF5", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00265.html", "title": "[SECURITY] [DSA 3366-1] rpcbind security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2019-05-29T19:21:18", "bulletinFamily": "unix", "description": "It was discovered that rpcbind incorrectly handled certain memory structures. A remote attacker could use this issue to cause rpcbind to crash, resulting in a denial of service, or possibly execute arbitrary code.", "modified": "2015-09-30T00:00:00", "published": "2015-09-30T00:00:00", "id": "USN-2756-1", "href": "https://usn.ubuntu.com/2756-1/", "title": "rpcbind vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oracle": [{"lastseen": "2019-05-29T18:21:01", "bulletinFamily": "software", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\nThis Critical Patch Update contains 136 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\n** Please note that on March 23, 2016, Oracle released [Security Alert for Java SE for CVE-2016-0636](<http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html>). Customers of affected Oracle product(s) are strongly advised to apply the fixes that were announced for CVE-2016-0636. **\n\nPlease also note that the vulnerabilities in this Critical Patch Update are scored using versions 3.0 and 2.0 of Common Vulnerability Scoring Standard (CVSS). Future Critical Patch Updates and Security Alerts will be scored using CVSS version 3.0 only.\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available [here](<http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>).\n", "modified": "2016-12-20T00:00:00", "published": "2016-04-19T00:00:00", "id": "ORACLE:CPUAPR2016V3-2985753", "href": "", "title": "cpuapr2016v3", "type": "oracle", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
