Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2016-0257-1.NASL
HistoryJan 28, 2016 - 12:00 a.m.

SUSE SLED11 / SLES11 Security Update : mono-core (SUSE-SU-2016:0257-1)

2016-01-2800:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
27
JSON

mono-core was updated to fix the following vulnerabilities :

  • CVE-2009-0689: Remote attackers could cause a denial of service and possibly arbitrary code execution through the string-to-double parser implementation (bsc#958097)

  • CVE-2012-3543: Remote attackers could cause a denial of service through increased CPU consumption due to lack of protection against predictable hash collisions when processing form parameters (bsc#739119)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2016:0257-1.
# The text itself is copyright (C) SUSE.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(88454);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2009-0689", "CVE-2012-3543");
  script_bugtraq_id(35510, 36565, 36851, 37078, 37080, 37687, 37688, 55251);

  script_name(english:"SUSE SLED11 / SLES11 Security Update : mono-core (SUSE-SU-2016:0257-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"mono-core was updated to fix the following vulnerabilities :

  - CVE-2009-0689: Remote attackers could cause a denial of
    service and possibly arbitrary code execution through
    the string-to-double parser implementation (bsc#958097)

  - CVE-2012-3543: Remote attackers could cause a denial of
    service through increased CPU consumption due to lack of
    protection against predictable hash collisions when
    processing form parameters (bsc#739119)

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=739119"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=958097"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2009-0689/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2012-3543/"
  );
  # https://www.suse.com/support/update/announcement/2016/suse-su-20160257-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?a0ad9df0"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 11-SP4 :

zypper in -t patch sdksp4-mono-core-12369=1

SUSE Linux Enterprise Software Development Kit 11-SP3 :

zypper in -t patch sdksp3-mono-core-12369=1

SUSE Linux Enterprise Server for VMWare 11-SP3 :

zypper in -t patch slessp3-mono-core-12369=1

SUSE Linux Enterprise Server 11-SP4 :

zypper in -t patch slessp4-mono-core-12369=1

SUSE Linux Enterprise Server 11-SP3 :

zypper in -t patch slessp3-mono-core-12369=1

SUSE Linux Enterprise Desktop 11-SP4 :

zypper in -t patch sledsp4-mono-core-12369=1

To bring your system up-to-date, use 'zypper patch'."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bytefx-data-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ibm-data-db2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-data");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-data-firebird");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-data-oracle");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-data-postgresql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-data-sqlite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-data-sybase");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-extras");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-jscript");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-locale-extras");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-nunit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-wcf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-web");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mono-winforms");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:monodoc-core");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/07/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/01/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/01/28");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED11|SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED11 / SLES11", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES11" && (! preg(pattern:"^(3|4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP3/4", os_ver + " SP" + sp);
if (os_ver == "SLED11" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLED11 SP4", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES11", sp:"4", reference:"mono-core-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"mono-data-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"mono-data-postgresql-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"mono-data-sqlite-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"mono-locale-extras-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"mono-nunit-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"mono-web-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"mono-winforms-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"mono-core-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"mono-data-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"mono-data-postgresql-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"mono-data-sqlite-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"mono-locale-extras-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"mono-nunit-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"mono-web-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"mono-winforms-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"bytefx-data-mysql-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"ibm-data-db2-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-core-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-data-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-data-firebird-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-data-oracle-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-data-postgresql-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-data-sqlite-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-data-sybase-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-devel-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-extras-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-jscript-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-locale-extras-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-nunit-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-wcf-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-web-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"mono-winforms-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"monodoc-core-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"bytefx-data-mysql-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"ibm-data-db2-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-core-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-data-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-data-firebird-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-data-oracle-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-data-postgresql-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-data-sqlite-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-data-sybase-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-devel-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-extras-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-jscript-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-locale-extras-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-nunit-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-wcf-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-web-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"mono-winforms-2.6.7-0.16.1")) flag++;
if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"monodoc-core-2.6.7-0.16.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mono-core");
}
VendorProductVersionCPE
novellsuse_linuxbytefx-data-mysqlp-cpe:/a:novell:suse_linux:bytefx-data-mysql
novellsuse_linuxibm-data-db2p-cpe:/a:novell:suse_linux:ibm-data-db2
novellsuse_linuxmono-corep-cpe:/a:novell:suse_linux:mono-core
novellsuse_linuxmono-datap-cpe:/a:novell:suse_linux:mono-data
novellsuse_linuxmono-data-firebirdp-cpe:/a:novell:suse_linux:mono-data-firebird
novellsuse_linuxmono-data-oraclep-cpe:/a:novell:suse_linux:mono-data-oracle
novellsuse_linuxmono-data-postgresqlp-cpe:/a:novell:suse_linux:mono-data-postgresql
novellsuse_linuxmono-data-sqlitep-cpe:/a:novell:suse_linux:mono-data-sqlite
novellsuse_linuxmono-data-sybasep-cpe:/a:novell:suse_linux:mono-data-sybase
novellsuse_linuxmono-develp-cpe:/a:novell:suse_linux:mono-devel
Rows per page:
1-10 of 191

Related

nessus 53
openvas 56
ubuntucve 2
mageia 2
cve 3
gentoo 1
prion 2
debiancve 2
seebug 13
securityvulns 11
redhat 4
packetstorm 13
opera 1
osv 3
centos 3
fedora 2
veracode 1
threatpost 1
debian 5
oraclelinux 2
chrome 1
ubuntu 3
exploitpack 5
mozilla 1
freebsd 2
exploitdb 5
hackerone 1
suse 1
nessus
nessus
SUSE SLES11 Security Update : mono-core (SUSE-SU-2016:2958-1)
2016-12-01 00:00:00
GLSA-201405-16 : Mono: Denial of Service
2014-05-20 00:00:00
SuSE 11 Security Update : kdelibs4 (SAT Patch Number 1747)
2010-01-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2016:0257-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:2958-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2014-0244)
2022-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2012-3543
2012-08-28 00:00:00
CVE-2009-0689
2009-07-01 00:00:00
mageia
mageia
Updated mono packages fix security vulnerability
2014-05-29 11:07:39
Updated mono packages fix security vulnerability
2016-01-14 04:44:39
cve
cve
CVE-2012-3543
2019-11-21 14:15:00
CVE-2009-0689
2009-07-01 13:00:00
CVE-2009-1563
2009-10-29 14:30:00
gentoo
gentoo
Mono: Denial of service
2014-05-18 00:00:00
prion
prion
Code injection
2019-11-21 14:15:00
Heap overflow
2009-07-01 13:00:00
debiancve
debiancve
CVE-2012-3543
2019-11-21 14:15:00
CVE-2009-0689
2009-07-01 13:00:00
seebug
seebug
多个BSD系统gdtoa/misc.c文件内存破坏漏洞
2009-06-30 00:00:00
Sun Solaris多个libc库数字转换函数缓冲区溢出漏洞
2010-05-25 00:00:00
KDE KDELibs 'dtoa()'远程代码执行漏洞
2009-11-24 00:00:00
securityvulns
securityvulns
Sun Solaris 10 libc/*convert &#40;*cvt&#41; buffer overflow
2010-05-27 00:00:00
Camino 1.6.10 Remote Array Overrun &#40;Arbitrary code execution&#41;
2009-12-15 00:00:00
Flock 2.5.2 Remote Array Overrun &#40;Arbitrary code execution&#41;
2009-12-15 00:00:00
redhat
redhat
(RHSA-2009:1601) Critical: kdelibs security update
2009-11-24 00:00:00
(RHSA-2014:0312) Critical: php security update
2014-03-18 00:00:00
(RHSA-2014:0311) Critical: php security update
2014-03-18 00:00:00
packetstorm
packetstorm
Flock 2.5.2 Remote Array Overrun
2009-12-12 00:00:00
J 6.02.023 Array Overrun
2010-01-09 00:00:00
Matlab R2009b Array Overrun
2010-01-09 00:00:00
opera
opera
Heap buffer overflow in string to number conversion
2009-11-20 00:00:00
osv
osv
mono - security update
2018-11-01 00:00:00
mono - security update
2015-12-30 00:00:00
kdelibs - arbitrary code execution
2010-02-17 00:00:00
centos
centos
kdelibs security update
2009-11-25 14:52:10
php security update
2014-03-19 01:15:26
seamonkey security update
2009-10-28 13:15:48
fedora
fedora
[SECURITY] Fedora 23 Update: mono-4.0.5-2.fc23
2015-12-29 22:26:22
[SECURITY] Fedora 11 Update: seamonkey-1.1.19-1.fc11
2010-04-21 21:53:31
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:58:49
threatpost
threatpost
'High Risk' Flaw Fixed in Google Chrome
2009-10-06 22:32:02
debian
debian
[SECURITY] [DLA 376-1] mono security update
2015-12-30 11:29:31
[SECURITY] [DSA 1998-1] New kdelibs packages fix arbitrary code execution
2010-02-17 18:25:18
[Backports-security-announce] Security Update for nsrp
2010-07-21 08:26:53
oraclelinux
oraclelinux
kdelibs security update
2009-11-24 00:00:00
php security update
2014-03-18 00:00:00
chrome
chrome
Stable Channel Update
2009-09-30 00:00:00
ubuntu
ubuntu
KDE vulnerabilities
2009-12-11 00:00:00
Mono vulnerabilities
2015-03-24 00:00:00
Thunderbird vulnerabilities
2010-03-18 00:00:00
exploitpack
exploitpack
Sunbird 0.9 - Array Overrun Code Execution
2009-12-11 00:00:00
Opera 10.01 - Remote Array Overrun
2009-11-19 00:00:00
SeaMonkey 1.1.8 - Remote Array Overrun
2009-11-19 00:00:00
mozilla
mozilla
Heap buffer overflow in string to number conversion — Mozilla
2009-10-27 00:00:00
freebsd
freebsd
mono -- DoS and code execution
2015-12-19 00:00:00
opera -- multiple vulnerabilities
2009-11-23 00:00:00
exploitdb
exploitdb
Sunbird 0.9 - Array Overrun Code Execution
2009-12-11 00:00:00
K-Meleon 1.5.3 - Remote Array Overrun
2009-11-19 00:00:00
KDE KDELibs 4.3.3 - Remote Array Overrun
2009-11-19 00:00:00
hackerone
hackerone
Ruby: Ruby: Heap Overflow in Floating Point Parsing
2013-11-22 00:00:00
suse
suse
Security update for ruby (critical)
2013-12-05 18:04:15
JSON
Related for SUSE_SU-2016-0257-1.NASL
nessus53openvas56ubuntucve2mageia2cve3gentoo1prion2debiancve2seebug13securityvulns11redhat4packetstorm13opera1osv3centos3fedora2veracode1threatpost1debian5oraclelinux2chrome1ubuntu3exploitpack5mozilla1freebsd2exploitdb5hackerone1suse1