Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2020-0234-1.NASL
HistoryJan 27, 2020 - 12:00 a.m.

SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:0234-1) (BEAST) (httpoxy)

2020-01-2700:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
30

8.9 High

AI Score

Confidence

Low

JSON

This update for python fixes the following issues :

Updated to version 2.7.17 to unify packages among openSUSE:Factory and SLE versions (bsc#1159035).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2020:0234-1.
# The text itself is copyright (C) SUSE.
#

include('compat.inc');

if (description)
{
  script_id(133259);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/28");

  script_cve_id(
    "CVE-2007-2052",
    "CVE-2008-1721",
    "CVE-2008-2315",
    "CVE-2008-2316",
    "CVE-2008-3142",
    "CVE-2008-3143",
    "CVE-2008-3144",
    "CVE-2011-1521",
    "CVE-2011-3389",
    "CVE-2011-4944",
    "CVE-2012-0845",
    "CVE-2012-1150",
    "CVE-2013-1752",
    "CVE-2013-1753",
    "CVE-2013-4238",
    "CVE-2014-1912",
    "CVE-2014-4650",
    "CVE-2014-7185",
    "CVE-2016-0772",
    "CVE-2016-1000110",
    "CVE-2016-5636",
    "CVE-2016-5699",
    "CVE-2017-1000158",
    "CVE-2017-18207",
    "CVE-2018-1000030",
    "CVE-2018-1000802",
    "CVE-2018-1060",
    "CVE-2018-1061",
    "CVE-2018-14647",
    "CVE-2018-20852",
    "CVE-2019-10160",
    "CVE-2019-16056",
    "CVE-2019-16935",
    "CVE-2019-5010",
    "CVE-2019-9636",
    "CVE-2019-9947",
    "CVE-2019-9948"
  );
  script_bugtraq_id(
    28715,
    30491,
    47024,
    49388,
    49778,
    51239,
    52732,
    61738,
    63804,
    65379,
    66958,
    68147,
    70089
  );
  script_xref(name:"CEA-ID", value:"CEA-2019-0547");

  script_name(english:"SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:0234-1) (BEAST) (httpoxy)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"This update for python fixes the following issues :

Updated to version 2.7.17 to unify packages among openSUSE:Factory and
SLE versions (bsc#1159035).

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1027282");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1041090");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1042670");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1068664");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1073269");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1073748");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1078326");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1078485");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1079300");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1081750");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1083507");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1084650");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1086001");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1088004");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1088009");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1109847");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1111793");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1113755");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1122191");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1129346");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1130840");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1130847");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1138459");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1141853");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1149792");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1149955");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1153238");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1153830");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159035");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=214983");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=298378");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=346490");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=367853");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=379534");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=380942");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=399190");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=406051");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=425138");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=426563");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=430761");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=432677");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=436966");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=437293");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=441088");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=462375");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=525295");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=534721");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=551715");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=572673");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=577032");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=581765");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=603255");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=617751");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=637176");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=638233");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=658604");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=673071");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=682554");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=697251");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=707667");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=718009");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=747125");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=747794");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=751718");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=754447");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=766778");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=794139");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=804978");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=827982");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=831442");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=834601");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=836739");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=856835");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=856836");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=857470");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=863741");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=885882");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=898572");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=901715");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=935856");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=945401");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=964182");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=984751");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=985177");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=985348");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=989523");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=997436");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2007-2052/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2008-1721/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2008-2315/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2008-2316/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2008-3142/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2008-3143/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2008-3144/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2011-1521/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2011-3389/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2011-4944/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2012-0845/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2012-1150/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2013-1752/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2013-1753/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2013-4238/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2014-1912/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2014-4650/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2014-7185/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-0772/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1000110/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-5636/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-5699/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-1000158/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-18207/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-1000030/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-1000802/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-1060/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-1061/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14647/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-20852/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-10160/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-16056/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-16935/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-5010/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9636/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9947/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9948/");
  # https://www.suse.com/support/update/announcement/2020/suse-su-20200234-1/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a7e022df");
  script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Module for Python2 15-SP1 :

zypper in -t patch SUSE-SLE-Module-Python2-15-SP1-2020-234=1

SUSE Linux Enterprise Module for Open Buildservice Development Tools
15-SP1 :

zypper in -t patch
SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-234=1

SUSE Linux Enterprise Module for Open Buildservice Development Tools
15 :

zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2020-234=1

SUSE Linux Enterprise Module for Desktop Applications 15-SP1 :

zypper in -t patch
SUSE-SLE-Module-Desktop-Applications-15-SP1-2020-234=1

SUSE Linux Enterprise Module for Desktop Applications 15 :

zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2020-234=1

SUSE Linux Enterprise Module for Basesystem 15-SP1 :

zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-234=1

SUSE Linux Enterprise Module for Basesystem 15 :

zypper in -t patch SUSE-SLE-Module-Basesystem-15-2020-234=1");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-5636");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2019-9636");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"in_the_news", value:"true");
  script_cwe_id(119, 189);

  script_set_attribute(attribute:"vuln_publication_date", value:"2007/04/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/01/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/27");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_7-1_0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_7-1_0-32bit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_7-1_0-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-32bit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-base-32bit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-base-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-curses");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-curses-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-gdbm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-gdbm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-idle");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-tk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-tk-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-xml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-xml-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(0|1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0/1", os_ver + " SP" + sp);
if (os_ver == "SLED15" && (! preg(pattern:"^(0|1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP0/1", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libpython2_7-1_0-32bit-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libpython2_7-1_0-32bit-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"python-32bit-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"python-32bit-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"python-base-32bit-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"python-base-32bit-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libpython2_7-1_0-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libpython2_7-1_0-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-base-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-base-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-base-debugsource-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-curses-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-curses-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-debugsource-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-demo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-devel-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-gdbm-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-gdbm-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-idle-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-tk-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-tk-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-xml-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"python-xml-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libpython2_7-1_0-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libpython2_7-1_0-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-base-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-base-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-base-debugsource-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-curses-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-curses-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-debugsource-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-demo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-devel-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-gdbm-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-gdbm-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-idle-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-tk-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-tk-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-xml-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"python-xml-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libpython2_7-1_0-32bit-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libpython2_7-1_0-32bit-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"python-32bit-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"python-32bit-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"python-base-32bit-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"python-base-32bit-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libpython2_7-1_0-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libpython2_7-1_0-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-base-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-base-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-base-debugsource-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-curses-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-curses-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-debugsource-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-demo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-devel-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-gdbm-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-gdbm-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-idle-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-tk-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-tk-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-xml-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"python-xml-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libpython2_7-1_0-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libpython2_7-1_0-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-base-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-base-debuginfo-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-base-debugsource-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-curses-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-curses-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-debugsource-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-demo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-devel-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-gdbm-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-gdbm-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-idle-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-tk-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-tk-debuginfo-2.7.17-7.32.2")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-xml-2.7.17-7.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"python-xml-debuginfo-2.7.17-7.32.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python");
}
VendorProductVersionCPE
novellsuse_linuxlibpython2_7p-cpe:/a:novell:suse_linux:libpython2_7
novellsuse_linuxlibpython2_7-1_0p-cpe:/a:novell:suse_linux:libpython2_7-1_0
novellsuse_linuxlibpython2_7-1_0-32bit-debuginfop-cpe:/a:novell:suse_linux:libpython2_7-1_0-32bit-debuginfo
novellsuse_linuxlibpython2_7-1_0-debuginfop-cpe:/a:novell:suse_linux:libpython2_7-1_0-debuginfo
novellsuse_linuxpythonp-cpe:/a:novell:suse_linux:python
novellsuse_linuxpython-32bit-debuginfop-cpe:/a:novell:suse_linux:python-32bit-debuginfo
novellsuse_linuxpython-basep-cpe:/a:novell:suse_linux:python-base
novellsuse_linuxpython-base-32bit-debuginfop-cpe:/a:novell:suse_linux:python-base-32bit-debuginfo
novellsuse_linuxpython-base-debuginfop-cpe:/a:novell:suse_linux:python-base-debuginfo
novellsuse_linuxpython-base-debugsourcep-cpe:/a:novell:suse_linux:python-base-debugsource
Rows per page:
1-10 of 241

References

Related

openvas 73
suse 1
nessus 53
securityvulns 2
seebug 2
gentoo 2
ubuntu 7
cloudfoundry 3
oraclelinux 6
freebsd 1
redhat 9
slackware 1
ibm 6
osv 9
centos 2
debian 9
mageia 3
veracode 5
fedora 4
f5 1
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:0234-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for python3 (openSUSE-SU-2020:0086_1)
2020-01-27 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0114-1)
2021-06-09 00:00:00
suse
suse
Security update for python3 (important)
2020-01-21 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2020:0114-1) (BEAST) (httpoxy)
2020-01-17 00:00:00
openSUSE Security Update : python3 (openSUSE-2020-86) (BEAST) (httpoxy)
2020-01-22 00:00:00
EulerOS Virtualization 3.0.1.0 : python (EulerOS-SA-2019-1434)
2019-05-14 00:00:00
securityvulns
securityvulns
[ GLSA 200807-16 ] Python: Multiple vulnerabilities
2008-08-01 00:00:00
Python multiple security vulnerabilities
2008-08-01 00:00:00
seebug
seebug
Python多个整数溢出漏洞
2008-08-06 00:00:00
Python存在多个缓冲区溢出漏洞
2008-08-07 00:00:00
gentoo
gentoo
Python: Multiple vulnerabilities
2008-07-31 00:00:00
Python: Multiple vulnerabilities
2020-03-15 00:00:00
ubuntu
ubuntu
Python vulnerabilities
2018-11-13 00:00:00
Python vulnerabilities
2018-11-15 00:00:00
Python vulnerabilities
2016-11-22 00:00:00
cloudfoundry
cloudfoundry
USN-3817-1: Python vulnerabilities | Cloud Foundry
2018-11-20 00:00:00
USN-3134-1: Python vulnerabilities | Cloud Foundry
2016-12-14 00:00:00
USN-4127-1: Python vulnerabilities | Cloud Foundry
2019-09-30 00:00:00
oraclelinux
oraclelinux
python security, bug fix, and enhancement update
2016-11-09 00:00:00
python security, bug fix, and enhancement update
2015-07-28 00:00:00
python security and bug fix update
2019-08-13 00:00:00
freebsd
freebsd
python -- multiple vulnerabilities
2008-08-04 00:00:00
redhat
redhat
(RHSA-2015:1064) Moderate: python27 security, bug fix, and enhancement update
2015-06-04 00:00:00
(RHSA-2019:3725) Moderate: rh-python36-python security, bug fix, and enhancement update
2019-11-06 09:12:32
(RHSA-2015:1330) Moderate: python security, bug fix, and enhancement update
2015-07-22 00:00:00
slackware
slackware
[slackware-security] python
2008-08-04 20:55:27
ibm
ibm
Security Bulletin: Python vulnerabilities affect IBM SmartCloud Entry (CVE-2013-1752 CVE-2014-1912 CVE-2014-4650 CVE-2014-7185)
2020-07-19 00:49:12
Security Bulletin: Multiple Vulnerabilities in python 2.6.4 used in OS Image for AIX shipped with IBM Cloud Pak System
2020-05-06 11:57:04
Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in Python
2019-03-12 21:05:01
osv
osv
python2.4 - several vulnerabilities
2008-11-19 00:00:00
python2.6 - security update
2014-07-31 00:00:00
python2.7 - security update
2018-09-27 00:00:00
centos
centos
python, tkinter security update
2015-07-26 14:11:19
python, tkinter security update
2016-08-18 17:23:01
debian
debian
[SECURITY] [DLA 1834-1] python2.7 security update
2019-06-25 03:40:12
[SECURITY] [DSA 1667-1] New python2.4 packages fix several vulnerabilities
2008-11-19 18:23:36
[SECURITY] [DLA 2337-1] python2.7 security update
2020-08-22 14:48:43
mageia
mageia
Updated python packages fix security vulnerabilities
2019-11-08 02:36:48
Updated python packages fix security vulnerabilities
2019-01-01 01:42:09
Updated python packages fix security vulnerabilities
2016-06-22 19:36:39
veracode
veracode
Improper Input Validation
2019-05-02 05:39:24
Sensitive Information Leakage
2019-05-02 05:39:25
Improper Input Validation
2019-05-02 05:39:24
fedora
fedora
[SECURITY] Fedora 29 Update: python2-2.7.17-1.fc29
2019-11-10 01:07:26
[SECURITY] Fedora 29 Update: python3-3.7.4-1.fc29
2019-08-05 01:41:23
[SECURITY] Fedora 29 Update: python35-3.5.7-1.fc29
2019-03-27 15:02:29
f5
f5
K75910138 : Python vulnerabilities CVE-2011-1521, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, and CVE-2012-1150
2018-09-11 00:00:00

8.9 High

AI Score

Confidence

Low

JSON
Related for SUSE_SU-2020-0234-1.NASL
openvas73suse1nessus53securityvulns2seebug2gentoo2ubuntu7cloudfoundry3oraclelinux6freebsd1redhat9slackware1ibm6osv9centos2debian9mageia3veracode5fedora4f51