The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2958-1 advisory.
- When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. (CVE-2021-23214)
- A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. (CVE-2021-23222)
- A flaw was found in PostgreSQL in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-32027)
- A flaw was found in PostgreSQL. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality. (CVE-2021-32028)
- A flaw was found in PostgreSQL. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality. (CVE-2021-32029)
- A flaw was found in PostgreSQL. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting. (CVE-2021-3677)
- A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity. (CVE-2022-1552)
- A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser. (CVE-2022-2625)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
{"id": "SUSE_SU-2022-2958-1.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "SUSE SLES15 Security Update : postgresql12 (SUSE-SU-2022:2958-1)", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2958-1 advisory.\n\n - When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. (CVE-2021-23214)\n\n - A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. (CVE-2021-23222)\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality. (CVE-2021-32028)\n\n - A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality. (CVE-2021-32029)\n\n - A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. 
The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting. (CVE-2021-3677)\n\n - A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity. (CVE-2022-1552)\n\n - A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser. 
(CVE-2022-2625)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2022-09-01T00:00:00", "modified": "2022-12-01T00:00:00", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.5}, "severity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://www.tenable.com/plugins/nessus/164542", "reporter": "This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23214", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2625", "https://www.suse.com/security/cve/CVE-2021-23222", "https://bugzilla.suse.com/1183168", "https://bugzilla.suse.com/1189748", "https://bugzilla.suse.com/1185925", "https://bugzilla.suse.com/1190740", "https://bugzilla.suse.com/1185952", "https://bugzilla.suse.com/1187751", "https://bugzilla.suse.com/1195680", "http://www.nessus.org/u?969a780d", "https://www.suse.com/security/cve/CVE-2021-32027", "https://bugzilla.suse.com/1198166", "https://www.suse.com/security/cve/CVE-2022-2625", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1552", "https://www.suse.com/security/cve/CVE-2022-1552", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23222", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32027", "https://www.suse.com/security/cve/CVE-2021-23214", "https://bugzilla.suse.com/1192516", "https://www.suse.com/security/cve/CVE-2021-32028", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3677", "https://www.suse.com/security/cve/CVE-2021-3677", "https://bugzilla.suse.com/1199475", "https://bugzilla.suse.com/1185924", "https://bugzilla.suse.com/1179945", "https://bugzilla.suse.com/1185926", "https://www.suse.com/security/cve/CVE-2021-32029", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32028", "https://bugzilla.suse.com/1202368", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32029"], "cvelist": ["CVE-2021-23214", "CVE-2021-23222", "CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029", "CVE-2021-3677", "CVE-2022-1552", "CVE-2022-2625"], "immutableFields": [], "lastseen": "2023-01-13T03:03:21", "viewCount": 15, "enchantments": {"score": {"value": 0.0, "vector": "NONE"}, "vulnersScore": 0.0}, "_state": {"dependencies": 1673579106, "score": 1673579028}, "_internal": {"score_hash": "3d1760615474e6d053e1f88a604a96df"}, "pluginID": "164542", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2958-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164542);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/01\");\n\n script_cve_id(\n \"CVE-2021-3677\",\n \"CVE-2021-23214\",\n \"CVE-2021-23222\",\n \"CVE-2021-32027\",\n \"CVE-2021-32028\",\n \"CVE-2021-32029\",\n \"CVE-2022-1552\",\n \"CVE-2022-2625\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2958-1\");\n script_xref(name:\"IAVB\", value:\"2021-B-0067\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n script_xref(name:\"IAVB\", value:\"2021-B-0048-S\");\n script_xref(name:\"IAVB\", value:\"2022-B-0015-S\");\n script_xref(name:\"IAVB\", value:\"2022-B-0028-S\");\n\n script_name(english:\"SUSE SLES15 Security Update : postgresql12 (SUSE-SU-2022:2958-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:2958-1 advisory.\n\n - When the server is configured to use trust authentication with a clientcert requirement or to use cert\n authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first\n established, despite the use of SSL certificate verification 
and encryption. (CVE-2021-23214)\n\n - A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use\n of SSL certificate verification and encryption. (CVE-2021-23222)\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before\n 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users\n write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to\n data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted\n table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from\n this vulnerability is to data confidentiality. (CVE-2021-32028)\n\n - A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an\n authenticated database user could read arbitrary bytes of server memory. The highest threat from this\n vulnerability is to data confidentiality. (CVE-2021-32029)\n\n - A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the\n default configuration, any authenticated database user can complete this attack at will. The attack does\n not require the ability to create objects. If server settings include max_worker_processes=0, the known\n versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of\n that setting. (CVE-2021-3677)\n\n - A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a\n privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH\n MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all\n during the process. 
This flaw allows an attacker with permission to create non-temporary objects in at\n least one schema to execute arbitrary SQL functions under a superuser identity. (CVE-2022-1552)\n\n - A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects\n in at least one schema, the ability to lure or wait for an administrator to create or update an affected\n extension in that schema, and the ability to lure or wait for a victim to use the object targeted in\n CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to\n run arbitrary code as the victim role, which may be a superuser. (CVE-2022-2625)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1187751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195680\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198166\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://bugzilla.suse.com/1199475\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202368\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-August/012016.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?969a780d\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3677\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1552\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2625\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/31\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! 
preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'libecpg6-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'libpq5-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'libpq5-32bit-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql12-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql12-contrib-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql12-devel-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql12-docs-12.12-150100.3.33.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql12-plperl-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql12-plpython-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 
'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql12-pltcl-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql12-server-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql12-server-devel-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'libecpg6-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'libpq5-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'postgresql12-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'postgresql12-contrib-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'postgresql12-devel-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'postgresql12-plperl-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'postgresql12-plpython-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'postgresql12-pltcl-12.12-150100.3.33.1', 'sp':'1', 
'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'postgresql12-server-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'postgresql12-server-devel-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'libecpg6-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libecpg6-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libpq5-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libpq5-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libpq5-32bit-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'postgresql12-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-contrib-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-contrib-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 
'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-devel-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-devel-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-docs-12.12-150100.3.33.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'postgresql12-plperl-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-plperl-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-plpython-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-plpython-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-pltcl-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-pltcl-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-server-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-server-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 
'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-server-devel-12.12-150100.3.33.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'postgresql12-server-devel-12.12-150100.3.33.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libecpg6-12.12-150100.3.33.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'libpq5-12.12-150100.3.33.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'postgresql12-12.12-150100.3.33.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'postgresql12-contrib-12.12-150100.3.33.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'postgresql12-devel-12.12-150100.3.33.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'postgresql12-plperl-12.12-150100.3.33.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'postgresql12-plpython-12.12-150100.3.33.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'postgresql12-pltcl-12.12-150100.3.33.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'postgresql12-server-12.12-150100.3.33.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'postgresql12-server-devel-12.12-150100.3.33.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']}\n];\n\nvar 
ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. 
Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libecpg6 / libpq5 / libpq5-32bit / postgresql12 / postgresql12-contrib / etc');\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:suse_linux:libecpg6", "p-cpe:/a:novell:suse_linux:libpq5", "p-cpe:/a:novell:suse_linux:libpq5-32bit", "p-cpe:/a:novell:suse_linux:postgresql12", "p-cpe:/a:novell:suse_linux:postgresql12-contrib", "p-cpe:/a:novell:suse_linux:postgresql12-devel", "p-cpe:/a:novell:suse_linux:postgresql12-docs", "p-cpe:/a:novell:suse_linux:postgresql12-plperl", "p-cpe:/a:novell:suse_linux:postgresql12-plpython", "p-cpe:/a:novell:suse_linux:postgresql12-pltcl", "p-cpe:/a:novell:suse_linux:postgresql12-server", "p-cpe:/a:novell:suse_linux:postgresql12-server-devel", "cpe:/o:novell:suse_linux:15"], "solution": "Update the affected packages.", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2021-32027", "vendor_cvss2": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "vendor_cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2022-08-31T00:00:00", "vulnerabilityPublicationDate": "2021-05-13T00:00:00", "exploitableWith": []}
{"gentoo": [{"lastseen": "2022-11-22T04:18:53", "description": "### Background\n\nPostgreSQL is an open source object-relational database management system.\n\n### Description\n\nMultiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details.\n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll PostgreSQL 10.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-10.22:10\"\n \n\nAll PostgreSQL 11.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-11.17:11\"\n \n\nAll PostgreSQL 12.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-12.12:12\"\n \n\nAll PostgreSQL 13.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-13.8:13\"\n \n\nAll PostgreSQL 14.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-14.5:14\"", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-11-19T00:00:00", "type": "gentoo", "title": "PostgreSQL: Multiple Vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": 
{"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23214", "CVE-2021-23222", "CVE-2021-32027", "CVE-2021-32028", "CVE-2021-3677", "CVE-2022-1552", "CVE-2022-2625"], "modified": "2022-11-19T00:00:00", "id": "GLSA-202211-04", "href": "https://security.gentoo.org/glsa/202211-04", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-01-12T05:11:25", "description": "The remote host is affected by the vulnerability described in GLSA-202211-04 (PostgreSQL: Multiple Vulnerabilities)\n\n - When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. (CVE-2021-23214)\n\n - A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. (CVE-2021-23222)\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality. 
(CVE-2021-32028)\n\n - A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting. (CVE-2021-3677)\n\n - A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity. (CVE-2022-1552)\n\n - A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser. 
(CVE-2022-2625)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-11-22T00:00:00", "type": "nessus", "title": "GLSA-202211-04 : PostgreSQL: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23214", "CVE-2021-23222", "CVE-2021-32027", "CVE-2021-32028", "CVE-2021-3677", "CVE-2022-1552", "CVE-2022-2625"], "modified": "2022-11-22T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:postgresql", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202211-04.NASL", "href": "https://www.tenable.com/plugins/nessus/168040", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202211-04.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. 
See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168040);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/22\");\n\n script_cve_id(\n \"CVE-2021-3677\",\n \"CVE-2021-23214\",\n \"CVE-2021-23222\",\n \"CVE-2021-32027\",\n \"CVE-2021-32028\",\n \"CVE-2022-1552\",\n \"CVE-2022-2625\"\n );\n\n script_name(english:\"GLSA-202211-04 : PostgreSQL: Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202211-04 (PostgreSQL: Multiple Vulnerabilities)\n\n - When the server is configured to use trust authentication with a clientcert requirement or to use cert\n authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first\n established, despite the use of SSL certificate verification and encryption. (CVE-2021-23214)\n\n - A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use\n of SSL certificate verification and encryption. (CVE-2021-23222)\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before\n 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users\n write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to\n data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted\n table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from\n this vulnerability is to data confidentiality. (CVE-2021-32028)\n\n - A flaw was found in postgresql. 
A purpose-crafted query can read arbitrary bytes of server memory. In the\n default configuration, any authenticated database user can complete this attack at will. The attack does\n not require the ability to create objects. If server settings include max_worker_processes=0, the known\n versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of\n that setting. (CVE-2021-3677)\n\n - A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a\n privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH\n MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all\n during the process. This flaw allows an attacker with permission to create non-temporary objects in at\n least one schema to execute arbitrary SQL functions under a superuser identity. (CVE-2022-1552)\n\n - A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects\n in at least one schema, the ability to lure or wait for an administrator to create or update an affected\n extension in that schema, and the ability to lure or wait for a victim to use the object targeted in\n CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to\n run arbitrary code as the victim role, which may be a superuser. 
(CVE-2022-2625)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202211-04\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=793734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=808984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=823125\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=865255\");\n script_set_attribute(attribute:\"solution\", value:\n\"All PostgreSQL 10.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=dev-db/postgresql-10.22:10\n \nAll PostgreSQL 11.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=dev-db/postgresql-11.17:11\n \nAll PostgreSQL 12.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=dev-db/postgresql-12.12:12\n \nAll PostgreSQL 13.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=dev-db/postgresql-13.8:13\n \nAll PostgreSQL 14.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=dev-db/postgresql-14.5:14\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1552\");\n\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude('qpkg.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/Gentoo/release')) audit(AUDIT_OS_NOT, 'Gentoo');\nif (!get_kb_item('Host/Gentoo/qpkg-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : 'dev-db/postgresql',\n 'unaffected' : make_list(\"ge 10.22\", \"lt 10.0.0\"),\n 'vulnerable' : make_list(\"lt 10.22\")\n },\n {\n 'name' : 'dev-db/postgresql',\n 'unaffected' : make_list(\"ge 11.17\", \"lt 11.0.0\"),\n 'vulnerable' : make_list(\"lt 11.17\")\n },\n {\n 'name' : 'dev-db/postgresql',\n 'unaffected' : make_list(\"ge 12.12\", \"lt 12.0.0\"),\n 'vulnerable' : make_list(\"lt 12.12\")\n },\n {\n 'name' : 'dev-db/postgresql',\n 'unaffected' : make_list(\"ge 13.8\", \"lt 13.0.0\"),\n 'vulnerable' : make_list(\"lt 13.8\")\n },\n {\n 'name' : 'dev-db/postgresql',\n 'unaffected' : make_list(\"ge 
14.5\", \"lt 14.0.0\"),\n 'vulnerable' : make_list(\"lt 14.5\")\n }\n];\n\nforeach package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n# This plugin has a different number of unaffected and vulnerable versions for\n# one or more packages. To ensure proper detection, a separate line should be \n# used for each fixed/vulnerable version pair.\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n qpkg_tests = list_uniq(qpkg_tests);\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'PostgreSQL');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-13T18:55:24", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2893-1 advisory.\n\n - When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. (CVE-2021-23214)\n\n - A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. (CVE-2021-23222)\n\n - postgresql: Autovacuum, REINDEX, and others omit security restricted operation sandbox (CVE-2022-1552)\n\n - A vulnerability found in postgresql. 
On this security issue an attack requires permission to create non-temporary objects in at least one schema, ability to lure or wait for an administrator to create or update an affected extension in that schema, and ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, the attacker can run arbitrary code as the victim role, which may be a superuser. Known-affected extensions include both PostgreSQL-bundled and non-bundled extensions. PostgreSQL blocks this attack in the core server, so there's no need to modify individual extensions. (CVE-2022-2625)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-26T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : postgresql10 (SUSE-SU-2022:2893-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23214", "CVE-2021-23222", "CVE-2022-1552", "CVE-2022-2625"], "modified": "2022-12-01T00:00:00", "cpe": 
["p-cpe:/a:novell:suse_linux:libecpg6", "p-cpe:/a:novell:suse_linux:libpq5", "p-cpe:/a:novell:suse_linux:libpq5-32bit", "p-cpe:/a:novell:suse_linux:postgresql", "p-cpe:/a:novell:suse_linux:postgresql-contrib", "p-cpe:/a:novell:suse_linux:postgresql-devel", "p-cpe:/a:novell:suse_linux:postgresql-docs", "p-cpe:/a:novell:suse_linux:postgresql-plperl", "p-cpe:/a:novell:suse_linux:postgresql-plpython", "p-cpe:/a:novell:suse_linux:postgresql-pltcl", "p-cpe:/a:novell:suse_linux:postgresql-server", "p-cpe:/a:novell:suse_linux:postgresql-server-devel", "p-cpe:/a:novell:suse_linux:postgresql10", "p-cpe:/a:novell:suse_linux:postgresql10-contrib", "p-cpe:/a:novell:suse_linux:postgresql10-devel", "p-cpe:/a:novell:suse_linux:postgresql10-docs", "p-cpe:/a:novell:suse_linux:postgresql10-plperl", "p-cpe:/a:novell:suse_linux:postgresql10-plpython", "p-cpe:/a:novell:suse_linux:postgresql10-pltcl", "p-cpe:/a:novell:suse_linux:postgresql10-server", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2893-1.NASL", "href": "https://www.tenable.com/plugins/nessus/164447", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2893-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164447);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/01\");\n\n script_cve_id(\n \"CVE-2021-23214\",\n \"CVE-2021-23222\",\n \"CVE-2022-1552\",\n \"CVE-2022-2625\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2893-1\");\n script_xref(name:\"IAVB\", value:\"2021-B-0067\");\n script_xref(name:\"IAVB\", value:\"2022-B-0015-S\");\n script_xref(name:\"IAVB\", value:\"2022-B-0028-S\");\n\n script_name(english:\"SUSE SLES15 Security Update : postgresql10 (SUSE-SU-2022:2893-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:2893-1 advisory.\n\n - When the server is configured to use trust authentication with a clientcert requirement or to use cert\n authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first\n established, despite the use of SSL certificate verification and encryption. (CVE-2021-23214)\n\n - A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use\n of SSL certificate verification and encryption. (CVE-2021-23222)\n\n - postgresql: Autovacuum, REINDEX, and others omit security restricted operation sandbox (CVE-2022-1552)\n\n - A vulnerability found in postgresql. On this security issue an attack requires permission to create non-\n temporary objects in at least one schema, ability to lure or wait for an administrator to create or update\n an affected extension in that schema, and ability to lure or wait for a victim to use the object targeted\n in CREATE OR REPLACE or CREATE IF NOT EXISTS. 
Given all three prerequisites, the attacker can run\n arbitrary code as the victim role, which may be a superuser. Known-affected extensions include both\n PostgreSQL-bundled and non-bundled extensions. PostgreSQL blocks this attack in the core server, so\n there's no need to modify individual extensions. (CVE-2022-2625)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1187751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190177\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195680\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199475\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202368\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-August/011992.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?266be82f\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1552\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2625\");\n 
script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23214\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1552\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-pltcl\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'libecpg6-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libpq5-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libpq5-32bit-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql-contrib-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql-devel-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql-docs-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 
'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql-plperl-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql-plpython-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql-pltcl-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql-server-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql-server-devel-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-contrib-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-devel-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-docs-10.22-150000.4.42.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 
'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-plperl-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-plpython-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-pltcl-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-server-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql-contrib-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql-devel-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql-docs-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql-plperl-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n 
{'reference':'postgresql-plpython-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql-pltcl-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql-server-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'postgresql-server-devel-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'libecpg6-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libecpg6-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libecpg6-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libpq5-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libpq5-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libpq5-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n 
{'reference':'libpq5-32bit-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'postgresql-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'postgresql-contrib-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'postgresql-devel-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'postgresql-docs-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'postgresql-plperl-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'postgresql-plpython-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'postgresql-pltcl-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'postgresql-server-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'postgresql-server-devel-12.0.1-150000.8.19.1', 'sp':'0', 'release':'SLES15', 
'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'postgresql10-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-contrib-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-contrib-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-contrib-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-devel-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-devel-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-devel-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-docs-10.22-150000.4.42.1', 
'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'postgresql10-plperl-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-plperl-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-plperl-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-plpython-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-plpython-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-plpython-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-pltcl-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-pltcl-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-pltcl-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n 
{'reference':'postgresql10-server-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-server-10.22-150000.4.42.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql10-server-10.22-150000.4.42.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'postgresql-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'postgresql-contrib-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'postgresql-devel-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'postgresql-docs-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'postgresql-plperl-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'postgresql-plpython-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'postgresql-pltcl-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'postgresql-server-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 
'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'postgresql-server-devel-12.0.1-150000.8.19.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'libecpg6-10.22-150000.4.42.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'libpq5-10.22-150000.4.42.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'postgresql10-10.22-150000.4.42.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'postgresql10-contrib-10.22-150000.4.42.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'postgresql10-devel-10.22-150000.4.42.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'postgresql10-plperl-10.22-150000.4.42.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'postgresql10-plpython-10.22-150000.4.42.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'postgresql10-pltcl-10.22-150000.4.42.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'postgresql10-server-10.22-150000.4.42.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if 
(!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libecpg6 / libpq5 / libpq5-32bit / postgresql / postgresql-contrib / etc');\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-19T14:39:31", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 / 21.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4972-1 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. 
While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-01T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS / 20.10 / 21.04 : PostgreSQL vulnerabilities (USN-4972-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.10", "cpe:/o:canonical:ubuntu_linux:21.04", "p-cpe:/a:canonical:ubuntu_linux:libecpg-compat3", "p-cpe:/a:canonical:ubuntu_linux:libecpg-dev", "p-cpe:/a:canonical:ubuntu_linux:libecpg6", "p-cpe:/a:canonical:ubuntu_linux:libpgtypes3", 
"p-cpe:/a:canonical:ubuntu_linux:libpq-dev", "p-cpe:/a:canonical:ubuntu_linux:libpq5", "p-cpe:/a:canonical:ubuntu_linux:postgresql-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-12", "p-cpe:/a:canonical:ubuntu_linux:postgresql-13", "p-cpe:/a:canonical:ubuntu_linux:postgresql-client-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-client-12", "p-cpe:/a:canonical:ubuntu_linux:postgresql-client-13", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-12", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-13", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-12", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-13", "p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-12", "p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-13", "p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-12", "p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-13"], "id": "UBUNTU_USN-4972-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150129", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4972-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. 
Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150129);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"USN\", value:\"4972-1\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS / 20.10 / 21.04 : PostgreSQL vulnerabilities (USN-4972-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 / 21.04 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-4972-1 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before\n 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users\n write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to\n data confidentiality and integrity as well as system availability. 
(CVE-2021-32027)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4972-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libecpg-compat3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libecpg-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpgtypes3\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpq-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-client-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-client-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-client-13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-10\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-13\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|20\\.04|20\\.10|21\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 20.10 / 21.04', 'Ubuntu ' + release);\nif ( ! 
get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '18.04', 'pkgname': 'libecpg-compat3', 'pkgver': '10.17-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libecpg-dev', 'pkgver': '10.17-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libecpg6', 'pkgver': '10.17-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libpgtypes3', 'pkgver': '10.17-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libpq-dev', 'pkgver': '10.17-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libpq5', 'pkgver': '10.17-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-client-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-plperl-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-plpython-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-plpython3-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-pltcl-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-server-dev-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},\n {'osver': '20.04', 'pkgname': 'libecpg-compat3', 'pkgver': '12.7-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libecpg-dev', 'pkgver': '12.7-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libecpg6', 'pkgver': '12.7-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libpgtypes3', 'pkgver': '12.7-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libpq-dev', 'pkgver': '12.7-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libpq5', 'pkgver': '12.7-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'postgresql-12', 
'pkgver': '12.7-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'postgresql-client-12', 'pkgver': '12.7-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'postgresql-plperl-12', 'pkgver': '12.7-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'postgresql-plpython3-12', 'pkgver': '12.7-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'postgresql-pltcl-12', 'pkgver': '12.7-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'postgresql-server-dev-12', 'pkgver': '12.7-0ubuntu0.20.04.1'},\n {'osver': '20.10', 'pkgname': 'libecpg-compat3', 'pkgver': '12.7-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libecpg-dev', 'pkgver': '12.7-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libecpg6', 'pkgver': '12.7-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libpgtypes3', 'pkgver': '12.7-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libpq-dev', 'pkgver': '12.7-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libpq5', 'pkgver': '12.7-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'postgresql-12', 'pkgver': '12.7-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'postgresql-client-12', 'pkgver': '12.7-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'postgresql-plperl-12', 'pkgver': '12.7-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'postgresql-plpython3-12', 'pkgver': '12.7-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'postgresql-pltcl-12', 'pkgver': '12.7-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'postgresql-server-dev-12', 'pkgver': '12.7-0ubuntu0.20.10.1'},\n {'osver': '21.04', 'pkgname': 'libecpg-compat3', 'pkgver': '13.3-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'libecpg-dev', 'pkgver': '13.3-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'libecpg6', 'pkgver': '13.3-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'libpgtypes3', 'pkgver': '13.3-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'libpq-dev', 'pkgver': '13.3-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 
'libpq5', 'pkgver': '13.3-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'postgresql-13', 'pkgver': '13.3-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'postgresql-client-13', 'pkgver': '13.3-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'postgresql-plperl-13', 'pkgver': '13.3-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'postgresql-plpython3-13', 'pkgver': '13.3-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'postgresql-pltcl-13', 'pkgver': '13.3-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'postgresql-server-dev-13', 'pkgver': '13.3-0ubuntu0.21.04.1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libecpg-compat3 / libecpg-dev / libecpg6 / libpgtypes3 / libpq-dev / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:10", "description": "Multiple security issues have been discovered in the PostgreSQL database system, which could result in the execution of arbitrary code or disclosure of memory content.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, 
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-14T00:00:00", "type": "nessus", "title": "Debian DSA-4915-1 : postgresql-11 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], "modified": "2021-08-23T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:postgresql-11", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4915.NASL", "href": "https://www.tenable.com/plugins/nessus/149490", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4915. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(149490);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/23\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"DSA\", value:\"4915\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"Debian DSA-4915-1 : postgresql-11 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues have been discovered in the PostgreSQL\ndatabase system, which could result in the execution of arbitrary code\nor disclosure of memory content.\"\n );\n # https://security-tracker.debian.org/tracker/source-package/postgresql-11\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4e0872ee\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/postgresql-11\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2021/dsa-4915\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the postgresql-11 packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 11.12-0+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"libecpg-compat3\", reference:\"11.12-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libecpg-dev\", reference:\"11.12-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libecpg6\", reference:\"11.12-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libpgtypes3\", reference:\"11.12-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", 
prefix:\"libpq-dev\", reference:\"11.12-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libpq5\", reference:\"11.12-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"postgresql-11\", reference:\"11.12-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"postgresql-client-11\", reference:\"11.12-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"postgresql-doc-11\", reference:\"11.12-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"postgresql-plperl-11\", reference:\"11.12-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"postgresql-plpython-11\", reference:\"11.12-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"postgresql-plpython3-11\", reference:\"11.12-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"postgresql-pltcl-11\", reference:\"11.12-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"postgresql-server-dev-11\", reference:\"11.12-0+deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:04", "description": "The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1994-1 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... 
DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-21T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : postgresql12 (SUSE-SU-2021:1994-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], "modified": "2021-08-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:postgresql12", "p-cpe:/a:novell:suse_linux:postgresql12-contrib", "p-cpe:/a:novell:suse_linux:postgresql12-devel", "p-cpe:/a:novell:suse_linux:postgresql12-docs", "p-cpe:/a:novell:suse_linux:postgresql12-plperl", "p-cpe:/a:novell:suse_linux:postgresql12-plpython", "p-cpe:/a:novell:suse_linux:postgresql12-pltcl", "p-cpe:/a:novell:suse_linux:postgresql12-server", "p-cpe:/a:novell:suse_linux:postgresql12-server-devel", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-1994-1.NASL", "href": 
"https://www.tenable.com/plugins/nessus/150893", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:1994-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150893);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/19\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:1994-1\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : postgresql12 (SUSE-SU-2021:1994-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2021:1994-1 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before\n 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users\n write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to\n data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185926\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-June/009026.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?69512a1f\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32029\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", 
value:\"2021/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES15\" && (! 
preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'postgresql12-12.7-8.20', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'postgresql12-12.7-8.20', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'postgresql12-12.7-8.20', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-legacy-release-15.3'},\n {'reference':'postgresql12-contrib-12.7-8.20', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-legacy-release-15.3'},\n {'reference':'postgresql12-devel-12.7-8.20', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-legacy-release-15.3'},\n {'reference':'postgresql12-docs-12.7-8.20', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-legacy-release-15.3'},\n {'reference':'postgresql12-plperl-12.7-8.20', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-legacy-release-15.3'},\n {'reference':'postgresql12-plpython-12.7-8.20', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-legacy-release-15.3'},\n {'reference':'postgresql12-pltcl-12.7-8.20', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-legacy-release-15.3'},\n {'reference':'postgresql12-server-12.7-8.20', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-legacy-release-15.3'},\n {'reference':'postgresql12-server-devel-12.7-8.20', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-legacy-release-15.3'},\n {'reference':'postgresql12-contrib-12.7-8.20', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n 
{'reference':'postgresql12-devel-12.7-8.20', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql12-docs-12.7-8.20', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql12-plperl-12.7-8.20', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql12-plpython-12.7-8.20', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql12-pltcl-12.7-8.20', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql12-server-12.7-8.20', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql12-server-devel-12.7-8.20', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if 
(!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'postgresql12 / postgresql12-contrib / postgresql12-devel / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:59", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1785-1 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-16T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : postgresql13 (openSUSE-SU-2021:1785-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], "modified": "2021-08-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:postgresql13", "p-cpe:/a:novell:opensuse:postgresql13-contrib", "p-cpe:/a:novell:opensuse:postgresql13-devel", "p-cpe:/a:novell:opensuse:postgresql13-devel-mini", "p-cpe:/a:novell:opensuse:postgresql13-llvmjit", "p-cpe:/a:novell:opensuse:postgresql13-plperl", "p-cpe:/a:novell:opensuse:postgresql13-plpython", "p-cpe:/a:novell:opensuse:postgresql13-pltcl", "p-cpe:/a:novell:opensuse:postgresql13-server", "p-cpe:/a:novell:opensuse:postgresql13-server-devel", "p-cpe:/a:novell:opensuse:postgresql13-test", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-1785.NASL", "href": 
"https://www.tenable.com/plugins/nessus/151684", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1785-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151684);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/19\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"openSUSE 15 Security Update : postgresql13 (openSUSE-SU-2021:1785-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1785-1 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before\n 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users\n write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to\n data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185926\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YKAEBUWSUHMGHAQQGZGGJL4XNRQXGZEZ/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ffbc4d74\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32029\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-devel-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-llvmjit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nos_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\npkgs = [\n {'reference':'postgresql13-13.3-5.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-contrib-13.3-5.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-devel-13.3-5.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-devel-mini-13.3-5.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-llvmjit-13.3-5.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-plperl-13.3-5.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-plpython-13.3-5.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-pltcl-13.3-5.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-server-13.3-5.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'postgresql13-server-devel-13.3-5.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-test-13.3-5.10.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'postgresql13 / postgresql13-contrib / postgresql13-devel / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-10T19:15:23", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2375 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... 
DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality. (CVE-2021-32028)\n\n - A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality. (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : postgresql:13 (RLSA-2021:2375)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], "modified": "2022-02-14T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:pgaudit", "p-cpe:/a:rocky:linux:pgaudit-debuginfo", "p-cpe:/a:rocky:linux:pgaudit-debugsource", "p-cpe:/a:rocky:linux:postgres-decoderbufs", "p-cpe:/a:rocky:linux:postgres-decoderbufs-debuginfo", 
"p-cpe:/a:rocky:linux:postgres-decoderbufs-debugsource", "p-cpe:/a:rocky:linux:postgresql", "p-cpe:/a:rocky:linux:postgresql-contrib", "p-cpe:/a:rocky:linux:postgresql-contrib-debuginfo", "p-cpe:/a:rocky:linux:postgresql-debuginfo", "p-cpe:/a:rocky:linux:postgresql-debugsource", "p-cpe:/a:rocky:linux:postgresql-docs", "p-cpe:/a:rocky:linux:postgresql-docs-debuginfo", "p-cpe:/a:rocky:linux:postgresql-plperl", "p-cpe:/a:rocky:linux:postgresql-plperl-debuginfo", "p-cpe:/a:rocky:linux:postgresql-plpython3", "p-cpe:/a:rocky:linux:postgresql-plpython3-debuginfo", "p-cpe:/a:rocky:linux:postgresql-pltcl", "p-cpe:/a:rocky:linux:postgresql-pltcl-debuginfo", "p-cpe:/a:rocky:linux:postgresql-server", "p-cpe:/a:rocky:linux:postgresql-server-debuginfo", "p-cpe:/a:rocky:linux:postgresql-server-devel", "p-cpe:/a:rocky:linux:postgresql-server-devel-debuginfo", "p-cpe:/a:rocky:linux:postgresql-static", "p-cpe:/a:rocky:linux:postgresql-test", "p-cpe:/a:rocky:linux:postgresql-test-debuginfo", "p-cpe:/a:rocky:linux:postgresql-test-rpm-macros", "p-cpe:/a:rocky:linux:postgresql-upgrade", "p-cpe:/a:rocky:linux:postgresql-upgrade-debuginfo", "p-cpe:/a:rocky:linux:postgresql-upgrade-devel", "p-cpe:/a:rocky:linux:postgresql-upgrade-devel-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2021-2375.NASL", "href": "https://www.tenable.com/plugins/nessus/157762", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2021:2375.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157762);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/14\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"RLSA\", value:\"2021:2375\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"Rocky 
Linux 8 : postgresql:13 (RLSA-2021:2375)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2021:2375 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before\n 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users\n write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to\n data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted\n table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from\n this vulnerability is to data confidentiality. (CVE-2021-32028)\n\n - A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an\n authenticated database user could read arbitrary bytes of server memory. The highest threat from this\n vulnerability is to data confidentiality. 
(CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2021:2375\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1956876\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1956877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1956883\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pgaudit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pgaudit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pgaudit-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgres-decoderbufs\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:rocky:linux:postgres-decoderbufs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgres-decoderbufs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-docs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-plpython3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-plpython3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-server-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:rocky:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-test-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-upgrade-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-upgrade-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-upgrade-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! 
preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'pgaudit-1.4.0-6.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-1.4'},\n {'reference':'pgaudit-1.4.0-6.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-1.4'},\n {'reference':'pgaudit-1.5.0-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-1.5'},\n {'reference':'pgaudit-1.5.0-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-1.5'},\n {'reference':'pgaudit-debuginfo-1.4.0-6.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debuginfo-1.4'},\n {'reference':'pgaudit-debuginfo-1.4.0-6.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debuginfo-1.4'},\n {'reference':'pgaudit-debuginfo-1.5.0-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debuginfo-1.5'},\n {'reference':'pgaudit-debuginfo-1.5.0-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debuginfo-1.5'},\n {'reference':'pgaudit-debugsource-1.4.0-6.module+el8.4.0+587+d46efd10', 
'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debugsource-1.4'},\n {'reference':'pgaudit-debugsource-1.4.0-6.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debugsource-1.4'},\n {'reference':'pgaudit-debugsource-1.5.0-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debugsource-1.5'},\n {'reference':'pgaudit-debugsource-1.5.0-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debugsource-1.5'},\n {'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-10'},\n {'reference':'postgresql-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-10'},\n {'reference':'postgresql-12.7-1.module+el8.4.0+587+d46efd10', 
'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-12'},\n {'reference':'postgresql-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-12'},\n {'reference':'postgresql-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-13'},\n {'reference':'postgresql-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-13'},\n {'reference':'postgresql-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-9'},\n {'reference':'postgresql-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-9'},\n {'reference':'postgresql-contrib-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-10'},\n {'reference':'postgresql-contrib-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-10'},\n {'reference':'postgresql-contrib-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-12'},\n {'reference':'postgresql-contrib-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-12'},\n {'reference':'postgresql-contrib-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-13'},\n 
{'reference':'postgresql-upgrade-devel-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-debuginfo-13'},\n {'reference':'postgresql-upgrade-devel-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-debuginfo-13'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, 
tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pgaudit / pgaudit-debuginfo / pgaudit-debugsource / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:45", "description": "The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1785-2 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-12T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : postgresql13 (SUSE-SU-2021:1785-2)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, 
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], "modified": "2021-08-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:postgresql13-test", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-1785-2.NASL", "href": "https://www.tenable.com/plugins/nessus/151492", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:1785-2. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151492);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/19\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:1785-2\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"SUSE SLES15 Security Update : postgresql13 (SUSE-SU-2021:1785-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:1785-2 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before\n 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users\n write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to\n data confidentiality and integrity as well as system availability. 
(CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185926\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-July/009119.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a85b6974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32029\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected postgresql13-test package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n 
script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'postgresql13-test-13.3-5.10.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-packagehub-subpackages-release-15.3'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n 
exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'postgresql13-test');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:24", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:2375 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-16T00:00:00", "type": "nessus", "title": "CentOS 8 : postgresql:13 (CESA-2021:2375)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], 
"modified": "2021-08-19T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:pgaudit", "p-cpe:/a:centos:centos:postgres-decoderbufs", "p-cpe:/a:centos:centos:postgresql", "p-cpe:/a:centos:centos:postgresql-contrib", "p-cpe:/a:centos:centos:postgresql-docs", "p-cpe:/a:centos:centos:postgresql-plperl", "p-cpe:/a:centos:centos:postgresql-plpython3", "p-cpe:/a:centos:centos:postgresql-pltcl", "p-cpe:/a:centos:centos:postgresql-server", "p-cpe:/a:centos:centos:postgresql-server-devel", "p-cpe:/a:centos:centos:postgresql-static", "p-cpe:/a:centos:centos:postgresql-test", "p-cpe:/a:centos:centos:postgresql-test-rpm-macros", "p-cpe:/a:centos:centos:postgresql-upgrade", "p-cpe:/a:centos:centos:postgresql-upgrade-devel"], "id": "CENTOS8_RHSA-2021-2375.NASL", "href": "https://www.tenable.com/plugins/nessus/150834", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:2375. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150834);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/19\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"RHSA\", value:\"2021:2375\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"CentOS 8 : postgresql:13 (CESA-2021:2375)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2021:2375 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2375\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pgaudit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgres-decoderbufs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-plpython3\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:centos:centos:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-test-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-upgrade-devel\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? 
release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'pgaudit-1.5.0-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pgaudit-1.5.0-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-13.3-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-13.3-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-13.3-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-13.3-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-13.3-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-13.3-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-13.3-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-13.3-1.module_el8.4.0', 'cpu':'x86_64', 
'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-13.3-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-13.3-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-13.3-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-13.3-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-13.3-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-13.3-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-devel-13.3-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-devel-13.3-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-13.3-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-13.3-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-13.3-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-13.3-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-rpm-macros-13.3-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-rpm-macros-13.3-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-13.3-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-13.3-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'postgresql-upgrade-devel-13.3-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-devel-13.3-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pgaudit / postgres-decoderbufs / postgresql / postgresql-contrib / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:06", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-2375 advisory.\n\n - A flaw was found in postgresql in 
versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATEmore details (CVE-2021-32028)\n\n - Memory disclosure in partitioned-table UPDATE ... RETURNINGmore details (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-11T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : postgresql:13 (ELSA-2021-2375)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], "modified": "2021-08-19T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:pgaudit", "p-cpe:/a:oracle:linux:postgres-decoderbufs", "p-cpe:/a:oracle:linux:postgresql", 
"p-cpe:/a:oracle:linux:postgresql-contrib", "p-cpe:/a:oracle:linux:postgresql-docs", "p-cpe:/a:oracle:linux:postgresql-plperl", "p-cpe:/a:oracle:linux:postgresql-plpython3", "p-cpe:/a:oracle:linux:postgresql-pltcl", "p-cpe:/a:oracle:linux:postgresql-server", "p-cpe:/a:oracle:linux:postgresql-server-devel", "p-cpe:/a:oracle:linux:postgresql-static", "p-cpe:/a:oracle:linux:postgresql-test", "p-cpe:/a:oracle:linux:postgresql-test-rpm-macros", "p-cpe:/a:oracle:linux:postgresql-upgrade", "p-cpe:/a:oracle:linux:postgresql-upgrade-devel"], "id": "ORACLELINUX_ELSA-2021-2375.NASL", "href": "https://www.tenable.com/plugins/nessus/150724", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-2375.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150724);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/19\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"Oracle Linux 8 : postgresql:13 (ELSA-2021-2375)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2021-2375 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before\n 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users\n write arbitrary bytes to a wide area of server memory. 
The highest threat from this vulnerability is to\n data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATEmore details (CVE-2021-32028)\n\n - Memory disclosure in partitioned-table UPDATE ... RETURNINGmore details (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-2375.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pgaudit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgres-decoderbufs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-contrib\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plpython3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-test-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-upgrade-devel\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/postgresql');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module postgresql:13');\nif ('13' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module postgresql:' + module_ver);\n\nappstreams = {\n 'postgresql:13': [\n {'reference':'pgaudit-1.5.0-1.module+el8.4.0+20016+06fd4df3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pgaudit-1.5.0-1.module+el8.4.0+20016+06fd4df3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+20016+06fd4df3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+20016+06fd4df3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'postgresql-server-devel-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-devel-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-rpm-macros-13.3-1.module+el8.4.0+20192+096f5771', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-devel-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-devel-13.3-1.module+el8.4.0+20192+096f5771', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') 
{\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module postgresql:13');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pgaudit / postgres-decoderbufs / postgresql / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:04", "description": "This update for postgresql13 fixes the following issues :\n\nUpgrade to version 13.3 :\n\nCVE-2021-32027: Fixed integer overflows in array subscripting calculations (bsc#1185924).\n\nCVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... 
UPDATE target lists (bsc#1185925).\n\nCVE-2021-32029: Fixed possibly-incorrect computation of UPDATE ...\nRETURNING outputs for joined cross-partition updates (bsc#1185926).\n\nDon't use %_stop_on_removal, because it was meant to be private and got removed from openSUSE. %_restart_on_update is also private, but still supported and needed for now (bsc#1183168).\n\nRe-enable build of the llvmjit subpackage on SLE, but it will only be delivered on PackageHub for now (bsc#1183118).\n\nDisable icu for PostgreSQL 10 (and older) on TW (bsc#1179945).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-01T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : postgresql13 (SUSE-SU-2021:1785-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], "modified": "2022-01-26T00:00:00", "cpe": 
["p-cpe:/a:novell:suse_linux:libecpg6", "p-cpe:/a:novell:suse_linux:libecpg6-debuginfo", "p-cpe:/a:novell:suse_linux:libpq5", "p-cpe:/a:novell:suse_linux:libpq5-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libpq5-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13", "p-cpe:/a:novell:suse_linux:postgresql13-contrib", "p-cpe:/a:novell:suse_linux:postgresql13-contrib-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13-debugsource", "p-cpe:/a:novell:suse_linux:postgresql13-devel", "p-cpe:/a:novell:suse_linux:postgresql13-devel-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13-plperl", "p-cpe:/a:novell:suse_linux:postgresql13-plperl-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13-plpython", "p-cpe:/a:novell:suse_linux:postgresql13-plpython-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13-pltcl", "p-cpe:/a:novell:suse_linux:postgresql13-pltcl-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13-server", "p-cpe:/a:novell:suse_linux:postgresql13-server-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13-server-devel", "p-cpe:/a:novell:suse_linux:postgresql13-server-devel-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13-test", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-1785-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150106", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1785-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150106);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security 
Update : postgresql13 (SUSE-SU-2021:1785-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for postgresql13 fixes the following issues :\n\nUpgrade to version 13.3 :\n\nCVE-2021-32027: Fixed integer overflows in array subscripting\ncalculations (bsc#1185924).\n\nCVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON\nCONFLICT ... UPDATE target lists (bsc#1185925).\n\nCVE-2021-32029: Fixed possibly-incorrect computation of UPDATE ...\nRETURNING outputs for joined cross-partition updates (bsc#1185926).\n\nDon't use %_stop_on_removal, because it was meant to be private and\ngot removed from openSUSE. %_restart_on_update is also private, but\nstill supported and needed for now (bsc#1183168).\n\nRe-enable build of the llvmjit subpackage on SLE, but it will only be\ndelivered on PackageHub for now (bsc#1183118).\n\nDisable icu for PostgreSQL 10 (and older) on TW (bsc#1179945).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1179945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1183118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1183168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1185924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1185925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1185926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32027/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32028/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32029/\");\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211785-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d9e4ddc9\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15-SP3 :\n\nzypper in -t patch\nSUSE-SLE-Module-Server-Applications-15-SP3-2021-1785=1\n\nSUSE Linux Enterprise Module for Server Applications 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Server-Applications-15-SP2-2021-1785=1\n\nSUSE Linux Enterprise Module for Packagehub Subpackages 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2021-1785=1\n\nSUSE Linux Enterprise Module for 
Basesystem 15-SP3 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2021-1785=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2021-1785=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-debugsource\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:postgresql13-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-server-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! 
preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libecpg6-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libecpg6-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libpq5-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libpq5-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-contrib-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-contrib-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-debugsource-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-devel-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-devel-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-plperl-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-plperl-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-plpython-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-plpython-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-pltcl-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-pltcl-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-server-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", 
sp:\"3\", reference:\"postgresql13-server-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-server-devel-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"postgresql13-server-devel-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libpq5-32bit-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libpq5-32bit-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libecpg6-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libecpg6-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libpq5-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libpq5-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-contrib-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-contrib-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-debugsource-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-devel-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-devel-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-plperl-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-plperl-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-plpython-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", 
reference:\"postgresql13-plpython-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-pltcl-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-pltcl-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-server-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-server-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-server-devel-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-server-devel-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"postgresql13-test-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libpq5-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libpq5-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"postgresql13-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"postgresql13-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"postgresql13-debugsource-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libpq5-32bit-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libpq5-32bit-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libpq5-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libpq5-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"postgresql13-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"postgresql13-debuginfo-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", 
reference:\"postgresql13-debugsource-13.3-5.10.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"postgresql13-test-13.3-5.10.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql13\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-24T14:48:57", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2396 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-15T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-postgresql13-postgresql (RHSA-2021:2396)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-contrib-syspaths", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-devel", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-libs", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-plperl", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-plpython", 
"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-plpython3", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-pltcl", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-server", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-server-syspaths", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-static", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-syspaths", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-test"], "id": "REDHAT-RHSA-2021-2396.NASL", "href": "https://www.tenable.com/plugins/nessus/150792", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2396. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150792);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"RHSA\", value:\"2021:2396\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"RHEL 7 : rh-postgresql13-postgresql (RHSA-2021:2396)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2396 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2396\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956876\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956883\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 125, 190, 200);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-contrib-syspaths\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-plpython3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-server-syspaths\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-syspaths\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-test\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 
'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-postgresql13-postgresql-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-contrib-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-contrib-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-contrib-syspaths-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-contrib-syspaths-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-devel-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-devel-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-docs-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-docs-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-libs-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-libs-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-plperl-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-plperl-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'rh-postgresql13-postgresql-plpython-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-plpython-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-plpython3-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-plpython3-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-pltcl-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-pltcl-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-server-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-server-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-server-syspaths-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-server-syspaths-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-static-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-static-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-syspaths-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-syspaths-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-test-13.3-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-test-13.3-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = 
rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) 
audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-postgresql13-postgresql / rh-postgresql13-postgresql-contrib / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-24T14:49:00", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2375 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-16T00:00:00", "type": "nessus", "title": "RHEL 8 : postgresql:13 (RHSA-2021:2375)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], 
"modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:pgaudit", "p-cpe:/a:redhat:enterprise_linux:postgres-decoderbufs", "p-cpe:/a:redhat:enterprise_linux:postgresql", "p-cpe:/a:redhat:enterprise_linux:postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql-plperl", "p-cpe:/a:redhat:enterprise_linux:postgresql-plpython3", "p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl", "p-cpe:/a:redhat:enterprise_linux:postgresql-server", "p-cpe:/a:redhat:enterprise_linux:postgresql-server-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql-static", "p-cpe:/a:redhat:enterprise_linux:postgresql-test", "p-cpe:/a:redhat:enterprise_linux:postgresql-test-rpm-macros", "p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade", "p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade-devel"], "id": "REDHAT-RHSA-2021-2375.NASL", "href": "https://www.tenable.com/plugins/nessus/150816", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2375. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150816);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"RHSA\", value:\"2021:2375\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"RHEL 8 : postgresql:13 (RHSA-2021:2375)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2375 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2375\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956876\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956883\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 125, 190, 200);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pgaudit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgres-decoderbufs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plpython3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade-devel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'postgresql:13': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 
'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 
'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 
'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 
'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-13.3-1.module+el8.4.0+11254+85259292', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-13.3-1.module+el8.4.0+11254+85259292', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-13.3-1.module+el8.4.0+11254+85259292', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-13.3-1.module+el8.4.0+11254+85259292', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'postgresql-plpython3-13.3-1.module+el8.4.0+11254+85259292', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-13.3-1.module+el8.4.0+11254+85259292', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-13.3-1.module+el8.4.0+11254+85259292', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-devel-13.3-1.module+el8.4.0+11254+85259292', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-13.3-1.module+el8.4.0+11254+85259292', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-13.3-1.module+el8.4.0+11254+85259292', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-rpm-macros-13.3-1.module+el8.4.0+11254+85259292', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-13.3-1.module+el8.4.0+11254+85259292', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-devel-13.3-1.module+el8.4.0+11254+85259292', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 
'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 
'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 
'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 
'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-13.3-1.module+el8.4.0+11254+85259292', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-13.3-1.module+el8.4.0+11254+85259292', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-13.3-1.module+el8.4.0+11254+85259292', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-13.3-1.module+el8.4.0+11254+85259292', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-13.3-1.module+el8.4.0+11254+85259292', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-13.3-1.module+el8.4.0+11254+85259292', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-13.3-1.module+el8.4.0+11254+85259292', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-devel-13.3-1.module+el8.4.0+11254+85259292', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'postgresql-static-13.3-1.module+el8.4.0+11254+85259292', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-13.3-1.module+el8.4.0+11254+85259292', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-rpm-macros-13.3-1.module+el8.4.0+11254+85259292', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-13.3-1.module+el8.4.0+11254+85259292', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-devel-13.3-1.module+el8.4.0+11254+85259292', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 
'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 
'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-13.3-1.module+el8.4.0+11254+85259292', 'release':'8', 'el_string':'el8.4.0', 
'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-13.3-1.module+el8.4.0+11254+85259292', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-13.3-1.module+el8.4.0+11254+85259292', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-13.3-1.module+el8.4.0+11254+85259292', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-13.3-1.module+el8.4.0+11254+85259292', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-13.3-1.module+el8.4.0+11254+85259292', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-13.3-1.module+el8.4.0+11254+85259292', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-devel-13.3-1.module+el8.4.0+11254+85259292', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-13.3-1.module+el8.4.0+11254+85259292', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-13.3-1.module+el8.4.0+11254+85259292', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-rpm-macros-13.3-1.module+el8.4.0+11254+85259292', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-13.3-1.module+el8.4.0+11254+85259292', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-devel-13.3-1.module+el8.4.0+11254+85259292', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/postgresql');\nif 
(isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module postgresql:13');\nif ('13' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module postgresql:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if 
(!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module postgresql:13');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pgaudit / postgres-decoderbufs / postgresql / postgresql-contrib / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:13", "description": "The version of PostgreSQL installed on the remote host is 9.6 prior to 9.6.22, 10 prior to 10.17, 11 prior to 11.12, 12 prior to 12.7, or 13 prior to 13.3. As such, it is potentially affected by multiple vulnerabilities :\n\n - Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-24T00:00:00", "type": "nessus", "title": "PostgreSQL 9.6.x < 9.6.22 / 10.x < 10.17 / 11.x < 11.12 / 12.x < 12.7 / 13.x < 13.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:postgresql:postgresql"], "id": "POSTGRESQL_20210513.NASL", "href": "https://www.tenable.com/plugins/nessus/149850", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# Portions Copyright (C) 1996-2019, The PostgreSQL Global Development Group\n# Portions Copyright (C) 1994, The Regents of the University of California\n# Permission to use, copy, modify, and distribute this software and its documentation for any purpose, without fee, and without a written agreement is hereby granted, provided that the above copyright notice and this paragraph and the following 
two paragraphs appear in all copies.\n# IN NO EVENT SHALL THE UNIVERSITY OF CALIFORNIA BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF THE UNIVERSITY OF CALIFORNIA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n# THE UNIVERSITY OF CALIFORNIA SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS ON AN \"AS IS\" BASIS, AND THE UNIVERSITY OF CALIFORNIA HAS NO OBLIGATIONS TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149850);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"PostgreSQL 9.6.x < 9.6.22 / 10.x < 10.17 / 11.x < 11.12 / 12.x < 12.7 / 13.x < 13.3 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of PostgreSQL installed on the remote host is 9.6 prior to 9.6.22, 10 prior to 10.17, 11 prior to 11.12, 12\nprior to 12.7, or 13 prior to 13.3. As such, it is potentially affected by multiple vulnerabilities :\n\n - Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.postgresql.org/about/news/postgresql-133-127-1112-1017-and-9622-released-2210/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d682c4df\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.postgresql.org/support/security/CVE-2021-32029/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.postgresql.org/support/security/CVE-2021-32028/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.postgresql.org/support/security/CVE-2021-32027/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PostgreSQL 9.6.22 / 10.17 / 11.12 / 12.7 / 13.3 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:postgresql:postgresql\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"postgres_installed_windows.nbin\", \"postgres_installed_nix.nbin\", \"postgresql_version.nbin\");\n script_require_ports(\"Services/postgresql\", 5432, \"installed_sw/PostgreSQL\");\n\n exit(0);\n}\n\ninclude('vcf_extras_postgresql.inc');\n\nvar app = 'PostgreSQL';\nvar win_local = TRUE;\n\nif (!get_kb_item('SMB/Registry/Enumerated'))\n win_local = FALSE;\n\nvar port = get_service(svc:'postgresql', default:5432);\nvar kb_base = 'database/' + port + '/postgresql/';\nvar kb_ver = NULL;\nvar kb_path = kb_base + 'version';\nvar ver = get_kb_item(kb_path);\nif (!empty_or_null(ver)) kb_ver = kb_path;\n\napp_info = vcf::postgresql::get_app_info(app:app, port:port, kb_ver:kb_ver, kb_base:kb_base, win_local:win_local);\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\n# 9.6.22 / 10.17 / 11.12 / 12.7 / 13.3\nconstraints = [\n { 'min_version' : '9.6', 'fixed_version' : '9.6.22' },\n { 'min_version' : '10', 'fixed_version' : '10.17' },\n { 'min_version' : '11', 'fixed_version' : '11.12' },\n { 'min_version' : '12', 'fixed_version' : '12.7' },\n { 'min_version' : '13', 'fixed_version' : '13.3' }\n];\n\nvcf::postgresql::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:04", "description": "This update for postgresql13 fixes the following issues :\n\nUpgrade to version 13.3 :\n\nCVE-2021-32027: Fixed integer overflows in array subscripting calculations (bsc#1185924).\n\nCVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... 
UPDATE target lists (bsc#1185925).\n\nCVE-2021-32029: Fixed possibly-incorrect computation of UPDATE ...\nRETURNING 'pg_psql_temporary_savepoint' does not exist (bsc#1185926).\n\nDon't use %_stop_on_removal, because it was meant to be private and got removed from openSUSE. %_restart_on_update is also private, but still supported and needed for now (bsc#1183168).\n\nRe-enable build of the llvmjit subpackage on SLE, but it will only be delivered on PackageHub for now (bsc#1183118).\n\nDisable icu for PostgreSQL 10 (and older) on TW (bsc#1179945).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-01T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : postgresql13 (SUSE-SU-2021:1784-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], "modified": "2022-01-26T00:00:00", "cpe": 
["p-cpe:/a:novell:suse_linux:libecpg6", "p-cpe:/a:novell:suse_linux:libecpg6-debuginfo", "p-cpe:/a:novell:suse_linux:libpq5", "p-cpe:/a:novell:suse_linux:libpq5-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13", "p-cpe:/a:novell:suse_linux:postgresql13-contrib", "p-cpe:/a:novell:suse_linux:postgresql13-contrib-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13-debugsource", "p-cpe:/a:novell:suse_linux:postgresql13-plperl", "p-cpe:/a:novell:suse_linux:postgresql13-plperl-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13-plpython", "p-cpe:/a:novell:suse_linux:postgresql13-plpython-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13-pltcl", "p-cpe:/a:novell:suse_linux:postgresql13-pltcl-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql13-server", "p-cpe:/a:novell:suse_linux:postgresql13-server-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-1784-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150101", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1784-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150101);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"SUSE SLES12 Security Update : postgresql13 (SUSE-SU-2021:1784-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for postgresql13 fixes the following issues :\n\nUpgrade to version 13.3 :\n\nCVE-2021-32027: Fixed 
integer overflows in array subscripting\ncalculations (bsc#1185924).\n\nCVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON\nCONFLICT ... UPDATE target lists (bsc#1185925).\n\nCVE-2021-32029: Fixed possibly-incorrect computation of UPDATE ...\nRETURNING 'pg_psql_temporary_savepoint' does not exist (bsc#1185926).\n\nDon't use %_stop_on_removal, because it was meant to be private and\ngot removed from openSUSE. %_restart_on_update is also private, but\nstill supported and needed for now (bsc#1183168).\n\nRe-enable build of the llvmjit subpackage on SLE, but it will only be\ndelivered on PackageHub for now (bsc#1183118).\n\nDisable icu for PostgreSQL 10 (and older) on TW (bsc#1179945).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1179945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1183118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1183168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1185924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1185925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1185926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32027/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32028/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32029/\");\n # 
https://www.suse.com/support/update/announcement/2021/suse-su-20211784-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1e968443\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP5-2021-1784=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-1784=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-contrib\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:postgresql13-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libecpg6-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libecpg6-debuginfo-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpq5-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpq5-32bit-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpq5-debuginfo-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpq5-debuginfo-32bit-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql13-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql13-contrib-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql13-contrib-debuginfo-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql13-debuginfo-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql13-debugsource-13.3-3.9.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql13-debugsource-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql13-plperl-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql13-plperl-debuginfo-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql13-plpython-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql13-plpython-debuginfo-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql13-pltcl-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql13-pltcl-debuginfo-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", 
reference:\"postgresql13-server-13.3-3.9.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql13-server-debuginfo-13.3-3.9.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql13\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:04", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1994-1 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-16T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : postgresql12 (openSUSE-SU-2021:1994-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029"], "modified": "2021-08-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:postgresql12", "p-cpe:/a:novell:opensuse:postgresql12-contrib", "p-cpe:/a:novell:opensuse:postgresql12-devel", "p-cpe:/a:novell:opensuse:postgresql12-llvmjit", "p-cpe:/a:novell:opensuse:postgresql12-plperl", "p-cpe:/a:novell:opensuse:postgresql12-plpython", "p-cpe:/a:novell:opensuse:postgresql12-pltcl", "p-cpe:/a:novell:opensuse:postgresql12-server", "p-cpe:/a:novell:opensuse:postgresql12-server-devel", "p-cpe:/a:novell:opensuse:postgresql12-test", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-1994.NASL", "href": "https://www.tenable.com/plugins/nessus/151725", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# 
(C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1994-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151725);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/19\");\n\n script_cve_id(\"CVE-2021-32027\", \"CVE-2021-32028\", \"CVE-2021-32029\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"openSUSE 15 Security Update : postgresql12 (openSUSE-SU-2021:1994-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1994-1 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before\n 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users\n write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to\n data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185926\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6AKC5KVKWVYW4R23NQPYSXI57JD6CIYN/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?68fa1a8c\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32029\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-llvmjit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nos_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\npkgs = [\n {'reference':'postgresql12-12.7-8.20.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-contrib-12.7-8.20.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-devel-12.7-8.20.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-llvmjit-12.7-8.20.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-plperl-12.7-8.20.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-plpython-12.7-8.20.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-pltcl-12.7-8.20.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-server-12.7-8.20.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-server-devel-12.7-8.20.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'postgresql12-test-12.7-8.20.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'postgresql12 / postgresql12-contrib / postgresql12-devel / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-24T14:56:01", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5197 advisory.\n\n - postgresql: server processes unencrypted bytes from man-in-the-middle (CVE-2021-23214)\n\n - postgresql: libpq processes unencrypted bytes from man-in-the-middle (CVE-2021-23222)\n\n - postgresql: memory disclosure in certain queries (CVE-2021-3677)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": 
"NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-16T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-postgresql12-postgresql (RHSA-2021:5197)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23214", "CVE-2021-23222", "CVE-2021-3677"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-contrib-syspaths", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-devel", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-libs", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-plperl", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-plpython", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-pltcl", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-server", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-server-syspaths", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-static", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-syspaths", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-test"], "id": "REDHAT-RHSA-2021-5197.NASL", "href": 
"https://www.tenable.com/plugins/nessus/156128", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:5197. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156128);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2021-3677\", \"CVE-2021-23214\", \"CVE-2021-23222\");\n script_xref(name:\"RHSA\", value:\"2021:5197\");\n\n script_name(english:\"RHEL 7 : rh-postgresql12-postgresql (RHSA-2021:5197)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:5197 advisory.\n\n - postgresql: server processes unencrypted bytes from man-in-the-middle (CVE-2021-23214)\n\n - postgresql: libpq processes unencrypted bytes from man-in-the-middle (CVE-2021-23222)\n\n - postgresql: memory disclosure in certain queries (CVE-2021-3677)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3677\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:5197\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://bugzilla.redhat.com/2001857\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2022666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2022675\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23214\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(89, 200, 522);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-contrib-syspaths\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-server-syspaths\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-syspaths\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-test\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 
'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-postgresql12-postgresql-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-contrib-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-contrib-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-contrib-syspaths-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-contrib-syspaths-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-devel-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-devel-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-docs-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-docs-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-libs-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-libs-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-plperl-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-plperl-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-plpython-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-plpython-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 
'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-pltcl-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-pltcl-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-server-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-server-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-server-syspaths-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-server-syspaths-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-static-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-static-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-syspaths-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-syspaths-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-test-12.9-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-test-12.9-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = 
NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-postgresql12-postgresql / rh-postgresql12-postgresql-contrib / etc');\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-24T14:56:47", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5179 advisory.\n\n - postgresql: server 
processes unencrypted bytes from man-in-the-middle (CVE-2021-23214)\n\n - postgresql: libpq processes unencrypted bytes from man-in-the-middle (CVE-2021-23222)\n\n - postgresql: memory disclosure in certain queries (CVE-2021-3677)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-16T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-postgresql13-postgresql (RHSA-2021:5179)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23214", "CVE-2021-23222", "CVE-2021-3677"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-contrib-syspaths", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-devel", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-libs", 
"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-plperl", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-plpython", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-plpython3", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-pltcl", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-server", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-server-syspaths", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-static", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-syspaths", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-test"], "id": "REDHAT-RHSA-2021-5179.NASL", "href": "https://www.tenable.com/plugins/nessus/156126", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:5179. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156126);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2021-3677\", \"CVE-2021-23214\", \"CVE-2021-23222\");\n script_xref(name:\"RHSA\", value:\"2021:5179\");\n\n script_name(english:\"RHEL 7 : rh-postgresql13-postgresql (RHSA-2021:5179)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:5179 advisory.\n\n - postgresql: server processes unencrypted bytes from man-in-the-middle (CVE-2021-23214)\n\n - postgresql: libpq processes unencrypted bytes from man-in-the-middle (CVE-2021-23222)\n\n - postgresql: memory disclosure in certain queries 
(CVE-2021-3677)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3677\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:5179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001857\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2022666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2022675\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23214\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(89, 200, 522);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-contrib-syspaths\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-plpython3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-server-syspaths\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-syspaths\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql13-postgresql-test\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n 
script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 
'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-postgresql13-postgresql-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-contrib-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-contrib-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-contrib-syspaths-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-contrib-syspaths-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-devel-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-devel-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-docs-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-docs-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-libs-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-libs-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-plperl-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-plperl-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-plpython-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'rh-postgresql13-postgresql-plpython-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-plpython3-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-plpython3-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-pltcl-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-pltcl-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-server-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-server-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-server-syspaths-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-server-syspaths-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-static-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-static-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-syspaths-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-syspaths-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-test-13.5-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql13-postgresql-test-13.5-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) 
exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-postgresql13-postgresql / 
rh-postgresql13-postgresql-contrib / etc');\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:14", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:2372 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... RETURNING (CVE-2021-32029)\n\n - postgresql: Partition constraint violation errors leak values of denied columns (CVE-2021-3393)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-16T00:00:00", "type": "nessus", "title": "CentOS 8 : postgresql:12 (CESA-2021:2372)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029", "CVE-2021-3393"], "modified": 
"2021-08-19T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:pgaudit", "p-cpe:/a:centos:centos:postgres-decoderbufs", "p-cpe:/a:centos:centos:postgresql", "p-cpe:/a:centos:centos:postgresql-contrib", "p-cpe:/a:centos:centos:postgresql-docs", "p-cpe:/a:centos:centos:postgresql-plperl", "p-cpe:/a:centos:centos:postgresql-plpython3", "p-cpe:/a:centos:centos:postgresql-pltcl", "p-cpe:/a:centos:centos:postgresql-server", "p-cpe:/a:centos:centos:postgresql-server-devel", "p-cpe:/a:centos:centos:postgresql-static", "p-cpe:/a:centos:centos:postgresql-test", "p-cpe:/a:centos:centos:postgresql-test-rpm-macros", "p-cpe:/a:centos:centos:postgresql-upgrade", "p-cpe:/a:centos:centos:postgresql-upgrade-devel"], "id": "CENTOS8_RHSA-2021-2372.NASL", "href": "https://www.tenable.com/plugins/nessus/150837", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:2372. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150837);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/19\");\n\n script_cve_id(\n \"CVE-2021-3393\",\n \"CVE-2021-32027\",\n \"CVE-2021-32028\",\n \"CVE-2021-32029\"\n );\n script_xref(name:\"RHSA\", value:\"2021:2372\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"CentOS 8 : postgresql:12 (CESA-2021:2372)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2021:2372 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\n - postgresql: Partition constraint violation errors leak values of denied columns (CVE-2021-3393)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2372\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pgaudit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgres-decoderbufs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:centos:centos:postgresql-plpython3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-test-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-upgrade-devel\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? 
release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'pgaudit-1.4.0-6.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pgaudit-1.4.0-6.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-12.7-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-12.7-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-12.7-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-12.7-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-12.7-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-12.7-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-12.7-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-12.7-1.module_el8.4.0', 'cpu':'x86_64', 
'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-12.7-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-12.7-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-12.7-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-12.7-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-12.7-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-12.7-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-devel-12.7-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-devel-12.7-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-12.7-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-12.7-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-12.7-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-12.7-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-rpm-macros-12.7-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-rpm-macros-12.7-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-12.7-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-12.7-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'postgresql-upgrade-devel-12.7-1.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-devel-12.7-1.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pgaudit / postgres-decoderbufs / postgresql / postgresql-contrib / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-10T19:14:06", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2372 advisory.\n\n - An information leak was discovered in 
postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read. (CVE-2021-3393)\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality. (CVE-2021-32028)\n\n - A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality. 
(CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : postgresql:12 (RLSA-2021:2372)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029", "CVE-2021-3393"], "modified": "2022-02-14T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:pgaudit", "p-cpe:/a:rocky:linux:pgaudit-debuginfo", "p-cpe:/a:rocky:linux:pgaudit-debugsource", "p-cpe:/a:rocky:linux:postgres-decoderbufs", "p-cpe:/a:rocky:linux:postgres-decoderbufs-debuginfo", "p-cpe:/a:rocky:linux:postgres-decoderbufs-debugsource", "p-cpe:/a:rocky:linux:postgresql", "p-cpe:/a:rocky:linux:postgresql-contrib", "p-cpe:/a:rocky:linux:postgresql-contrib-debuginfo", "p-cpe:/a:rocky:linux:postgresql-debuginfo", "p-cpe:/a:rocky:linux:postgresql-debugsource", "p-cpe:/a:rocky:linux:postgresql-docs", "p-cpe:/a:rocky:linux:postgresql-docs-debuginfo", "p-cpe:/a:rocky:linux:postgresql-plperl", 
"p-cpe:/a:rocky:linux:postgresql-plperl-debuginfo", "p-cpe:/a:rocky:linux:postgresql-plpython3", "p-cpe:/a:rocky:linux:postgresql-plpython3-debuginfo", "p-cpe:/a:rocky:linux:postgresql-pltcl", "p-cpe:/a:rocky:linux:postgresql-pltcl-debuginfo", "p-cpe:/a:rocky:linux:postgresql-server", "p-cpe:/a:rocky:linux:postgresql-server-debuginfo", "p-cpe:/a:rocky:linux:postgresql-server-devel", "p-cpe:/a:rocky:linux:postgresql-server-devel-debuginfo", "p-cpe:/a:rocky:linux:postgresql-static", "p-cpe:/a:rocky:linux:postgresql-test", "p-cpe:/a:rocky:linux:postgresql-test-debuginfo", "p-cpe:/a:rocky:linux:postgresql-test-rpm-macros", "p-cpe:/a:rocky:linux:postgresql-upgrade", "p-cpe:/a:rocky:linux:postgresql-upgrade-debuginfo", "p-cpe:/a:rocky:linux:postgresql-upgrade-devel", "p-cpe:/a:rocky:linux:postgresql-upgrade-devel-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2021-2372.NASL", "href": "https://www.tenable.com/plugins/nessus/157772", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2021:2372.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157772);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/14\");\n\n script_cve_id(\n \"CVE-2021-3393\",\n \"CVE-2021-32027\",\n \"CVE-2021-32028\",\n \"CVE-2021-32029\"\n );\n script_xref(name:\"RLSA\", value:\"2021:2372\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"Rocky Linux 8 : postgresql:12 (RLSA-2021:2372)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2021:2372 
advisory.\n\n - An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A\n user having UPDATE permission but not SELECT permission to a particular column could craft queries which,\n under some circumstances, might disclose values from that column in error messages. An attacker could use\n this flaw to obtain information stored in a column they are allowed to write but not read. (CVE-2021-3393)\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before\n 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users\n write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to\n data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted\n table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from\n this vulnerability is to data confidentiality. (CVE-2021-32028)\n\n - A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an\n authenticated database user could read arbitrary bytes of server memory. The highest threat from this\n vulnerability is to data confidentiality. 
(CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2021:2372\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1924005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1956876\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1956877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1956883\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pgaudit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pgaudit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pgaudit-debugsource\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:rocky:linux:postgres-decoderbufs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgres-decoderbufs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgres-decoderbufs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-docs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-plpython3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-plpython3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-server-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:rocky:linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-test-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-upgrade-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-upgrade-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:postgresql-upgrade-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! 
preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'pgaudit-1.4.0-6.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-1.4'},\n {'reference':'pgaudit-1.4.0-6.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-1.4'},\n {'reference':'pgaudit-1.5.0-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-1.5'},\n {'reference':'pgaudit-1.5.0-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-1.5'},\n {'reference':'pgaudit-debuginfo-1.4.0-6.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debuginfo-1.4'},\n {'reference':'pgaudit-debuginfo-1.4.0-6.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debuginfo-1.4'},\n {'reference':'pgaudit-debuginfo-1.5.0-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debuginfo-1.5'},\n {'reference':'pgaudit-debuginfo-1.5.0-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debuginfo-1.5'},\n {'reference':'pgaudit-debugsource-1.4.0-6.module+el8.4.0+587+d46efd10', 
'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debugsource-1.4'},\n {'reference':'pgaudit-debugsource-1.4.0-6.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debugsource-1.4'},\n {'reference':'pgaudit-debugsource-1.5.0-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debugsource-1.5'},\n {'reference':'pgaudit-debugsource-1.5.0-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'pgaudit-debugsource-1.5'},\n {'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-10'},\n {'reference':'postgresql-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-10'},\n {'reference':'postgresql-12.7-1.module+el8.4.0+587+d46efd10', 
'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-12'},\n {'reference':'postgresql-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-12'},\n {'reference':'postgresql-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-13'},\n {'reference':'postgresql-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-13'},\n {'reference':'postgresql-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-9'},\n {'reference':'postgresql-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-9'},\n {'reference':'postgresql-contrib-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-10'},\n {'reference':'postgresql-contrib-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-10'},\n {'reference':'postgresql-contrib-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-12'},\n {'reference':'postgresql-contrib-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-12'},\n {'reference':'postgresql-contrib-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-13'},\n 
{'reference':'postgresql-contrib-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-13'},\n {'reference':'postgresql-contrib-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-9'},\n {'reference':'postgresql-contrib-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-9'},\n {'reference':'postgresql-contrib-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-debuginfo-10'},\n {'reference':'postgresql-contrib-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-debuginfo-10'},\n {'reference':'postgresql-contrib-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-debuginfo-12'},\n {'reference':'postgresql-contrib-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-debuginfo-12'},\n {'reference':'postgresql-contrib-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-debuginfo-13'},\n {'reference':'postgresql-contrib-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-debuginfo-13'},\n {'reference':'postgresql-contrib-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 
'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-debuginfo-9'},\n {'reference':'postgresql-contrib-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-contrib-debuginfo-9'},\n {'reference':'postgresql-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debuginfo-10'},\n {'reference':'postgresql-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debuginfo-10'},\n {'reference':'postgresql-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debuginfo-12'},\n {'reference':'postgresql-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debuginfo-12'},\n {'reference':'postgresql-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debuginfo-13'},\n {'reference':'postgresql-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debuginfo-13'},\n {'reference':'postgresql-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debuginfo-9'},\n {'reference':'postgresql-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debuginfo-9'},\n {'reference':'postgresql-debugsource-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 
'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debugsource-10'},\n {'reference':'postgresql-debugsource-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debugsource-10'},\n {'reference':'postgresql-debugsource-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debugsource-12'},\n {'reference':'postgresql-debugsource-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debugsource-12'},\n {'reference':'postgresql-debugsource-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debugsource-13'},\n {'reference':'postgresql-debugsource-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debugsource-13'},\n {'reference':'postgresql-debugsource-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debugsource-9'},\n {'reference':'postgresql-debugsource-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-debugsource-9'},\n {'reference':'postgresql-docs-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-10'},\n {'reference':'postgresql-docs-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-10'},\n {'reference':'postgresql-docs-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 
'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-12'},\n {'reference':'postgresql-docs-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-12'},\n {'reference':'postgresql-docs-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-13'},\n {'reference':'postgresql-docs-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-13'},\n {'reference':'postgresql-docs-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-9'},\n {'reference':'postgresql-docs-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-9'},\n {'reference':'postgresql-docs-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-debuginfo-10'},\n {'reference':'postgresql-docs-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-debuginfo-10'},\n {'reference':'postgresql-docs-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-debuginfo-12'},\n {'reference':'postgresql-docs-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-debuginfo-12'},\n {'reference':'postgresql-docs-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 
'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-debuginfo-13'},\n {'reference':'postgresql-docs-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-debuginfo-13'},\n {'reference':'postgresql-docs-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-debuginfo-9'},\n {'reference':'postgresql-docs-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-docs-debuginfo-9'},\n {'reference':'postgresql-plperl-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-10'},\n {'reference':'postgresql-plperl-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-10'},\n {'reference':'postgresql-plperl-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-12'},\n {'reference':'postgresql-plperl-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-12'},\n {'reference':'postgresql-plperl-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-13'},\n {'reference':'postgresql-plperl-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-13'},\n {'reference':'postgresql-plperl-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 
'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-9'},\n {'reference':'postgresql-plperl-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-9'},\n {'reference':'postgresql-plperl-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-debuginfo-10'},\n {'reference':'postgresql-plperl-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-debuginfo-10'},\n {'reference':'postgresql-plperl-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-debuginfo-12'},\n {'reference':'postgresql-plperl-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-debuginfo-12'},\n {'reference':'postgresql-plperl-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-debuginfo-13'},\n {'reference':'postgresql-plperl-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-debuginfo-13'},\n {'reference':'postgresql-plperl-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-debuginfo-9'},\n {'reference':'postgresql-plperl-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plperl-debuginfo-9'},\n 
{'reference':'postgresql-plpython3-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-10'},\n {'reference':'postgresql-plpython3-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-10'},\n {'reference':'postgresql-plpython3-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-12'},\n {'reference':'postgresql-plpython3-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-12'},\n {'reference':'postgresql-plpython3-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-13'},\n {'reference':'postgresql-plpython3-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-13'},\n {'reference':'postgresql-plpython3-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-9'},\n {'reference':'postgresql-plpython3-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-9'},\n {'reference':'postgresql-plpython3-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-debuginfo-10'},\n {'reference':'postgresql-plpython3-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 
'exists_check':'postgresql-plpython3-debuginfo-10'},\n {'reference':'postgresql-plpython3-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-debuginfo-12'},\n {'reference':'postgresql-plpython3-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-debuginfo-12'},\n {'reference':'postgresql-plpython3-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-debuginfo-13'},\n {'reference':'postgresql-plpython3-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-debuginfo-13'},\n {'reference':'postgresql-plpython3-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-debuginfo-9'},\n {'reference':'postgresql-plpython3-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-plpython3-debuginfo-9'},\n {'reference':'postgresql-pltcl-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-10'},\n {'reference':'postgresql-pltcl-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-10'},\n {'reference':'postgresql-pltcl-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-12'},\n 
{'reference':'postgresql-pltcl-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-12'},\n {'reference':'postgresql-pltcl-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-13'},\n {'reference':'postgresql-pltcl-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-13'},\n {'reference':'postgresql-pltcl-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-9'},\n {'reference':'postgresql-pltcl-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-9'},\n {'reference':'postgresql-pltcl-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-debuginfo-10'},\n {'reference':'postgresql-pltcl-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-debuginfo-10'},\n {'reference':'postgresql-pltcl-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-debuginfo-12'},\n {'reference':'postgresql-pltcl-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-debuginfo-12'},\n {'reference':'postgresql-pltcl-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-debuginfo-13'},\n 
{'reference':'postgresql-pltcl-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-debuginfo-13'},\n {'reference':'postgresql-pltcl-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-debuginfo-9'},\n {'reference':'postgresql-pltcl-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-pltcl-debuginfo-9'},\n {'reference':'postgresql-server-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-10'},\n {'reference':'postgresql-server-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-10'},\n {'reference':'postgresql-server-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-12'},\n {'reference':'postgresql-server-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-12'},\n {'reference':'postgresql-server-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-13'},\n {'reference':'postgresql-server-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-13'},\n {'reference':'postgresql-server-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-9'},\n 
{'reference':'postgresql-server-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-9'},\n {'reference':'postgresql-server-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-debuginfo-10'},\n {'reference':'postgresql-server-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-debuginfo-10'},\n {'reference':'postgresql-server-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-debuginfo-12'},\n {'reference':'postgresql-server-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-debuginfo-12'},\n {'reference':'postgresql-server-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-debuginfo-13'},\n {'reference':'postgresql-server-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-debuginfo-13'},\n {'reference':'postgresql-server-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-debuginfo-9'},\n {'reference':'postgresql-server-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-debuginfo-9'},\n {'reference':'postgresql-server-devel-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 
'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-10'},\n {'reference':'postgresql-server-devel-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-10'},\n {'reference':'postgresql-server-devel-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-12'},\n {'reference':'postgresql-server-devel-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-12'},\n {'reference':'postgresql-server-devel-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-13'},\n {'reference':'postgresql-server-devel-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-13'},\n {'reference':'postgresql-server-devel-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-9'},\n {'reference':'postgresql-server-devel-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-9'},\n {'reference':'postgresql-server-devel-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-debuginfo-10'},\n {'reference':'postgresql-server-devel-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-debuginfo-10'},\n 
{'reference':'postgresql-server-devel-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-debuginfo-12'},\n {'reference':'postgresql-server-devel-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-debuginfo-12'},\n {'reference':'postgresql-server-devel-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-debuginfo-13'},\n {'reference':'postgresql-server-devel-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-debuginfo-13'},\n {'reference':'postgresql-server-devel-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-debuginfo-9'},\n {'reference':'postgresql-server-devel-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-server-devel-debuginfo-9'},\n {'reference':'postgresql-static-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-static-10'},\n {'reference':'postgresql-static-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-static-10'},\n {'reference':'postgresql-static-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-static-12'},\n {'reference':'postgresql-static-12.7-1.module+el8.4.0+587+d46efd10', 
'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-static-12'},\n {'reference':'postgresql-static-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-static-13'},\n {'reference':'postgresql-static-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-static-13'},\n {'reference':'postgresql-static-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-static-9'},\n {'reference':'postgresql-static-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-static-9'},\n {'reference':'postgresql-test-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-10'},\n {'reference':'postgresql-test-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-10'},\n {'reference':'postgresql-test-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-12'},\n {'reference':'postgresql-test-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-12'},\n {'reference':'postgresql-test-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-13'},\n {'reference':'postgresql-test-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 
'exists_check':'postgresql-test-13'},\n {'reference':'postgresql-test-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-9'},\n {'reference':'postgresql-test-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-9'},\n {'reference':'postgresql-test-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-debuginfo-10'},\n {'reference':'postgresql-test-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-debuginfo-10'},\n {'reference':'postgresql-test-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-debuginfo-12'},\n {'reference':'postgresql-test-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-debuginfo-12'},\n {'reference':'postgresql-test-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-debuginfo-13'},\n {'reference':'postgresql-test-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-debuginfo-13'},\n {'reference':'postgresql-test-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-debuginfo-9'},\n {'reference':'postgresql-test-debuginfo-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 
'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-debuginfo-9'},\n {'reference':'postgresql-test-rpm-macros-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-rpm-macros-10'},\n {'reference':'postgresql-test-rpm-macros-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-rpm-macros-10'},\n {'reference':'postgresql-test-rpm-macros-12.7-1.module+el8.4.0+587+d46efd10', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-rpm-macros-12'},\n {'reference':'postgresql-test-rpm-macros-13.3-1.module+el8.4.0+546+3620623e', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-rpm-macros-13'},\n {'reference':'postgresql-test-rpm-macros-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-rpm-macros-9'},\n {'reference':'postgresql-test-rpm-macros-9.6.22-1.module+el8.4.0+547+51cac6db', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-test-rpm-macros-9'},\n {'reference':'postgresql-upgrade-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-10'},\n {'reference':'postgresql-upgrade-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-10'},\n {'reference':'postgresql-upgrade-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-12'},\n {'reference':'postgresql-upgrade-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 
'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-12'},\n {'reference':'postgresql-upgrade-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-13'},\n {'reference':'postgresql-upgrade-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-13'},\n {'reference':'postgresql-upgrade-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-debuginfo-10'},\n {'reference':'postgresql-upgrade-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-debuginfo-10'},\n {'reference':'postgresql-upgrade-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-debuginfo-12'},\n {'reference':'postgresql-upgrade-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-debuginfo-12'},\n {'reference':'postgresql-upgrade-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-debuginfo-13'},\n {'reference':'postgresql-upgrade-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-debuginfo-13'},\n {'reference':'postgresql-upgrade-devel-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-10'},\n 
{'reference':'postgresql-upgrade-devel-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-10'},\n {'reference':'postgresql-upgrade-devel-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-12'},\n {'reference':'postgresql-upgrade-devel-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-12'},\n {'reference':'postgresql-upgrade-devel-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-13'},\n {'reference':'postgresql-upgrade-devel-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-13'},\n {'reference':'postgresql-upgrade-devel-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-debuginfo-10'},\n {'reference':'postgresql-upgrade-devel-debuginfo-10.17-1.module+el8.4.0+548+9eccbe3f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-debuginfo-10'},\n {'reference':'postgresql-upgrade-devel-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-debuginfo-12'},\n {'reference':'postgresql-upgrade-devel-debuginfo-12.7-1.module+el8.4.0+587+d46efd10', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-debuginfo-12'},\n 
{'reference':'postgresql-upgrade-devel-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-debuginfo-13'},\n {'reference':'postgresql-upgrade-devel-debuginfo-13.3-1.module+el8.4.0+546+3620623e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'postgresql-upgrade-devel-debuginfo-13'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, 
tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pgaudit / pgaudit-debuginfo / pgaudit-debugsource / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:42", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-2372 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read. (CVE-2021-3393)\n\n - Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-11T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : postgresql:12 (ELSA-2021-2372)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029", "CVE-2021-3393"], "modified": "2021-08-19T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:pgaudit", "p-cpe:/a:oracle:linux:postgres-decoderbufs", "p-cpe:/a:oracle:linux:postgresql", "p-cpe:/a:oracle:linux:postgresql-contrib", "p-cpe:/a:oracle:linux:postgresql-docs", "p-cpe:/a:oracle:linux:postgresql-plperl", "p-cpe:/a:oracle:linux:postgresql-plpython3", "p-cpe:/a:oracle:linux:postgresql-pltcl", "p-cpe:/a:oracle:linux:postgresql-server", "p-cpe:/a:oracle:linux:postgresql-server-devel", "p-cpe:/a:oracle:linux:postgresql-static", "p-cpe:/a:oracle:linux:postgresql-test", "p-cpe:/a:oracle:linux:postgresql-test-rpm-macros", "p-cpe:/a:oracle:linux:postgresql-upgrade", 
"p-cpe:/a:oracle:linux:postgresql-upgrade-devel"], "id": "ORACLELINUX_ELSA-2021-2372.NASL", "href": "https://www.tenable.com/plugins/nessus/150723", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-2372.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150723);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/19\");\n\n script_cve_id(\n \"CVE-2021-3393\",\n \"CVE-2021-32027\",\n \"CVE-2021-32028\",\n \"CVE-2021-32029\"\n );\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"Oracle Linux 8 : postgresql:12 (ELSA-2021-2372)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2021-2372 advisory.\n\n - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before\n 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users\n write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to\n data confidentiality and integrity as well as system availability. (CVE-2021-32027)\n\n - Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A\n user having UPDATE permission but not SELECT permission to a particular column could craft queries which,\n under some circumstances, might disclose values from that column in error messages. 
An attacker could use\n this flaw to obtain information stored in a column they are allowed to write but not read. (CVE-2021-3393)\n\n - Memory disclosure in partitioned-table UPDATE ... RETURNING (CVE-2021-32029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-2372.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pgaudit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgres-decoderbufs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:oracle:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plpython3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-test-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-upgrade-devel\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/postgresql');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module postgresql:12');\nif ('12' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module postgresql:' + module_ver);\n\nappstreams = {\n 'postgresql:12': [\n {'reference':'pgaudit-1.4.0-6.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pgaudit-1.4.0-6.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'postgresql-server-devel-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-devel-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-rpm-macros-12.7-1.module+el8.4.0+20191+2f8d0e59', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-devel-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-devel-12.7-1.module+el8.4.0+20191+2f8d0e59', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') 
{\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module postgresql:12');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pgaudit / postgres-decoderbufs / postgresql / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:30", "description": "This update for postgresql12 fixes the following issues :\n\nUpgrade to version 12.7 :\n\nCVE-2021-32027: Fixed integer overflows in array subscripting calculations (bsc#1185924).\n\nCVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... 
UPDATE target lists (bsc#1185925).\n\nCVE-2021-32029: Fixed possibly-incorrect computation of UPDATE ...\nRETURNING 'pg_psql_temporary_savepoint' does not exist (bsc#1185926).\n\nCVE-2021-3393: Fixed information leakage in constraint-violation error messages (bsc#1182040).\n\nDon't use %_stop_on_removal, because it was meant to be private and got removed from openSUSE. %_restart_on_update is also private, but still supported and needed for now (bsc#1183168).\n\nRe-enable build of the llvmjit subpackage on SLE, but it will only be delivered on PackageHub for now (bsc#1183118).\n\nDisable icu for PostgreSQL 10 (and older) on TW (bsc#1179945).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-01T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : postgresql12 (SUSE-SU-2021:1783-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": 
["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029", "CVE-2021-3393"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:postgresql12", "p-cpe:/a:novell:suse_linux:postgresql12-contrib", "p-cpe:/a:novell:suse_linux:postgresql12-contrib-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql12-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql12-debugsource", "p-cpe:/a:novell:suse_linux:postgresql12-plperl", "p-cpe:/a:novell:suse_linux:postgresql12-plperl-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql12-plpython", "p-cpe:/a:novell:suse_linux:postgresql12-plpython-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql12-pltcl", "p-cpe:/a:novell:suse_linux:postgresql12-pltcl-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql12-server", "p-cpe:/a:novell:suse_linux:postgresql12-server-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-1783-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150100", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1783-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150100);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2021-3393\",\n \"CVE-2021-32027\",\n \"CVE-2021-32028\",\n \"CVE-2021-32029\"\n );\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"SUSE SLES12 Security Update : postgresql12 (SUSE-SU-2021:1783-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for postgresql12 fixes the following issues :\n\nUpgrade to version 12.7 :\n\nCVE-2021-32027: Fixed integer overflows in array 
subscripting\ncalculations (bsc#1185924).\n\nCVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON\nCONFLICT ... UPDATE target lists (bsc#1185925).\n\nCVE-2021-32029: Fixed possibly-incorrect computation of UPDATE ...\nRETURNING 'pg_psql_temporary_savepoint' does not exist (bsc#1185926).\n\nCVE-2021-3393: Fixed information leakage in constraint-violation error\nmessages (bsc#1182040).\n\nDon't use %_stop_on_removal, because it was meant to be private and\ngot removed from openSUSE. %_restart_on_update is also private, but\nstill supported and needed for now (bsc#1183168).\n\nRe-enable build of the llvmjit subpackage on SLE, but it will only be\ndelivered on PackageHub for now (bsc#1183118).\n\nDisable icu for PostgreSQL 10 (and older) on TW (bsc#1179945).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1179945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1182040\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1183118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1183168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1185924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1185925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1185926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32027/\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://www.suse.com/security/cve/CVE-2021-32028/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-32029/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3393/\");\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211783-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b56de05\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP5-2021-1783=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-1783=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-contrib\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql12-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql12-12.7-3.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql12-contrib-12.7-3.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql12-contrib-debuginfo-12.7-3.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql12-debuginfo-12.7-3.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql12-debugsource-12.7-3.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql12-plperl-12.7-3.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql12-plperl-debuginfo-12.7-3.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql12-plpython-12.7-3.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql12-plpython-debuginfo-12.7-3.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql12-pltcl-12.7-3.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql12-pltcl-debuginfo-12.7-3.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql12-server-12.7-3.15.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"postgresql12-server-debuginfo-12.7-3.15.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql12\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-24T14:49:00", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple 
vulnerabilities as referenced in the RHSA-2021:2372 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... RETURNING (CVE-2021-32029)\n\n - postgresql: Partition constraint violation errors leak values of denied columns (CVE-2021-3393)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-16T00:00:00", "type": "nessus", "title": "RHEL 8 : postgresql:12 (RHSA-2021:2372)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029", "CVE-2021-3393"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", 
"cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:pgaudit", "p-cpe:/a:redhat:enterprise_linux:postgres-decoderbufs", "p-cpe:/a:redhat:enterprise_linux:postgresql", "p-cpe:/a:redhat:enterprise_linux:postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql-plperl", "p-cpe:/a:redhat:enterprise_linux:postgresql-plpython3", "p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl", "p-cpe:/a:redhat:enterprise_linux:postgresql-server", "p-cpe:/a:redhat:enterprise_linux:postgresql-server-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql-static", "p-cpe:/a:redhat:enterprise_linux:postgresql-test", "p-cpe:/a:redhat:enterprise_linux:postgresql-test-rpm-macros", "p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade", "p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade-devel"], "id": "REDHAT-RHSA-2021-2372.NASL", "href": "https://www.tenable.com/plugins/nessus/150815", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2372. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150815);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2021-3393\",\n \"CVE-2021-32027\",\n \"CVE-2021-32028\",\n \"CVE-2021-32029\"\n );\n script_xref(name:\"RHSA\", value:\"2021:2372\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"RHEL 8 : postgresql:12 (RHSA-2021:2372)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2372 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\n - postgresql: Partition constraint violation errors leak values of denied columns (CVE-2021-3393)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3393\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2372\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1924005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956876\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956883\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 125, 190, 200, 209);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/11\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pgaudit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgres-decoderbufs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plpython3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade-devel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< 
cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'postgresql:12': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 
'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 
'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 
'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'pgaudit-1.4.0-6.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 
'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-devel-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-rpm-macros-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-devel-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 
'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 
'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 
'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 
'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'pgaudit-1.4.0-6.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'postgresql-server-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-devel-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-rpm-macros-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-devel-12.7-1.module+el8.4.0+11288+c193d6d7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 
'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 
'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'pgaudit-1.4.0-6.module+el8.4.0+11288+c193d6d7', 'release':'8', 
'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-12.7-1.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-12.7-1.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-12.7-1.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-12.7-1.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-12.7-1.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-12.7-1.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-12.7-1.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-devel-12.7-1.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-12.7-1.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-12.7-1.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-rpm-macros-12.7-1.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-12.7-1.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-devel-12.7-1.module+el8.4.0+11288+c193d6d7', 'release':'8', 'el_string':'el8.4.0', 
'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/postgresql');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module postgresql:12');\nif ('12' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module postgresql:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if 
(!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module postgresql:12');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pgaudit / postgres-decoderbufs / postgresql / postgresql-contrib / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-24T14:49:00", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2389 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\n - postgresql: Partition constraint violation errors leak values of denied columns (CVE-2021-3393)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-14T00:00:00", "type": "nessus", "title": "RHEL 8 : postgresql:12 (RHSA-2021:2389)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029", "CVE-2021-3393"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:pgaudit", "p-cpe:/a:redhat:enterprise_linux:postgres-decoderbufs", "p-cpe:/a:redhat:enterprise_linux:postgresql", "p-cpe:/a:redhat:enterprise_linux:postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql-plperl", "p-cpe:/a:redhat:enterprise_linux:postgresql-plpython3", "p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl", 
"p-cpe:/a:redhat:enterprise_linux:postgresql-server", "p-cpe:/a:redhat:enterprise_linux:postgresql-server-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql-static", "p-cpe:/a:redhat:enterprise_linux:postgresql-test", "p-cpe:/a:redhat:enterprise_linux:postgresql-test-rpm-macros", "p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade", "p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade-devel"], "id": "REDHAT-RHSA-2021-2389.NASL", "href": "https://www.tenable.com/plugins/nessus/150759", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2389. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150759);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2021-3393\",\n \"CVE-2021-32027\",\n \"CVE-2021-32028\",\n \"CVE-2021-32029\"\n );\n script_xref(name:\"RHSA\", value:\"2021:2389\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"RHEL 8 : postgresql:12 (RHSA-2021:2389)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2389 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\n - postgresql: Partition constraint violation errors leak values of denied columns (CVE-2021-3393)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3393\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1924005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956876\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956883\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 125, 190, 200, 209);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/11\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pgaudit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgres-decoderbufs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plpython3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade-devel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'postgresql:12': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 
'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 
'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/appstream/debug',\n 'content/eus/rhel8/8.2/s390x/appstream/os',\n 'content/eus/rhel8/8.2/s390x/appstream/source/SRPMS',\n 
'content/eus/rhel8/8.2/s390x/baseos/debug',\n 'content/eus/rhel8/8.2/s390x/baseos/os',\n 'content/eus/rhel8/8.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/highavailability/debug',\n 'content/eus/rhel8/8.2/s390x/highavailability/os',\n 'content/eus/rhel8/8.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/sap/debug',\n 'content/eus/rhel8/8.2/s390x/sap/os',\n 'content/eus/rhel8/8.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/supplementary/debug',\n 'content/eus/rhel8/8.2/s390x/supplementary/os',\n 'content/eus/rhel8/8.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 
'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'pgaudit-1.4.0-4.module+el8.2.0+9043+1dbb5661', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgres-decoderbufs-0.10.0-2.module+el8.2.0+9043+1dbb5661', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-12.7-1.module+el8.2.0+11251+7a3cc531', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-contrib-12.7-1.module+el8.2.0+11251+7a3cc531', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-docs-12.7-1.module+el8.2.0+11251+7a3cc531', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plperl-12.7-1.module+el8.2.0+11251+7a3cc531', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-plpython3-12.7-1.module+el8.2.0+11251+7a3cc531', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-pltcl-12.7-1.module+el8.2.0+11251+7a3cc531', 'sp':'2', 'release':'8', 
'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-12.7-1.module+el8.2.0+11251+7a3cc531', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-server-devel-12.7-1.module+el8.2.0+11251+7a3cc531', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-static-12.7-1.module+el8.2.0+11251+7a3cc531', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-12.7-1.module+el8.2.0+11251+7a3cc531', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-test-rpm-macros-12.7-1.module+el8.2.0+11251+7a3cc531', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-12.7-1.module+el8.2.0+11251+7a3cc531', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql-upgrade-devel-12.7-1.module+el8.2.0+11251+7a3cc531', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/postgresql');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module postgresql:12');\nif ('12' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module postgresql:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var 
module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module postgresql:12');\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or 
Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pgaudit / postgres-decoderbufs / postgresql / postgresql-contrib / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-24T14:49:00", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2394 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\n - postgresql: Partition constraint violation errors leak values of denied columns (CVE-2021-3393)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-15T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-postgresql12-postgresql (RHSA-2021:2394)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029", "CVE-2021-3393"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-contrib-syspaths", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-devel", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-libs", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-plperl", 
"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-plpython", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-pltcl", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-server", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-server-syspaths", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-static", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-syspaths", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-test"], "id": "REDHAT-RHSA-2021-2394.NASL", "href": "https://www.tenable.com/plugins/nessus/150790", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2394. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150790);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2021-3393\",\n \"CVE-2021-32027\",\n \"CVE-2021-32028\",\n \"CVE-2021-32029\"\n );\n script_xref(name:\"RHSA\", value:\"2021:2394\");\n script_xref(name:\"IAVB\", value:\"2021-B-0036-S\");\n\n script_name(english:\"RHEL 7 : rh-postgresql12-postgresql (RHSA-2021:2394)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2394 advisory.\n\n - postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n - postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\n - postgresql: Memory disclosure in partitioned-table UPDATE ... 
RETURNING (CVE-2021-32029)\n\n - postgresql: Partition constraint violation errors leak values of denied columns (CVE-2021-3393)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3393\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-32029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2394\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1924005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956876\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1956883\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-32027\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 125, 190, 200, 209);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/11\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-contrib-syspaths\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-server-syspaths\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-syspaths\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-test\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 
'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-postgresql12-postgresql-12.7-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-contrib-12.7-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-contrib-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-contrib-syspaths-12.7-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-contrib-syspaths-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-devel-12.7-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-devel-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-docs-12.7-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-docs-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-libs-12.7-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-libs-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-plperl-12.7-1.el7', 
'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-plperl-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-plpython-12.7-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-plpython-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-pltcl-12.7-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-pltcl-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-server-12.7-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-server-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-server-syspaths-12.7-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-server-syspaths-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-static-12.7-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-static-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-syspaths-12.7-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-syspaths-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-test-12.7-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-postgresql12-postgresql-test-12.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = 
rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) 
audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-postgresql12-postgresql / rh-postgresql12-postgresql-contrib / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T20:56:15", "description": "According to the versions of the postgresql packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n (CVE-2020-25694)\n\n - When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. (CVE-2021-23214)\n\n - A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. (CVE-2021-23222)\n\n - A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.
(CVE-2022-1552)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-09T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.6 : postgresql (EulerOS-SA-2022-2528)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25694", "CVE-2021-23214", "CVE-2021-23222", "CVE-2022-1552"], "modified": "2022-10-11T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:postgresql", "p-cpe:/a:huawei:euleros:postgresql-contrib", "p-cpe:/a:huawei:euleros:postgresql-devel", "p-cpe:/a:huawei:euleros:postgresql-docs", "p-cpe:/a:huawei:euleros:postgresql-libs", "p-cpe:/a:huawei:euleros:postgresql-plperl", "p-cpe:/a:huawei:euleros:postgresql-plpython", "p-cpe:/a:huawei:euleros:postgresql-pltcl", "p-cpe:/a:huawei:euleros:postgresql-server", "p-cpe:/a:huawei:euleros:postgresql-test", "cpe:/o:huawei:euleros:uvp:3.0.6.6"], "id": "EULEROS_SA-2022-2528.NASL", "href": 
"https://www.tenable.com/plugins/nessus/165886", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165886);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/11\");\n\n script_cve_id(\n \"CVE-2020-25694\",\n \"CVE-2021-23214\",\n \"CVE-2021-23222\",\n \"CVE-2022-1552\"\n );\n script_xref(name:\"IAVB\", value:\"2021-B-0067\");\n script_xref(name:\"IAVB\", value:\"2020-B-0069-S\");\n script_xref(name:\"IAVB\", value:\"2022-B-0015-S\");\n\n script_name(english:\"EulerOS Virtualization 3.0.6.6 : postgresql (EulerOS-SA-2022-2528)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the postgresql packages installed, the EulerOS Virtualization installation on the remote\nhost is affected by the following vulnerabilities :\n\n - A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before\n 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses\n the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-\n the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat\n from this vulnerability is to data confidentiality and integrity as well as system availability.\n (CVE-2020-25694)\n\n - When the server is configured to use trust authentication with a clientcert requirement or to use cert\n authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first\n established, despite the use of SSL certificate verification and encryption. 
(CVE-2021-23214)\n\n - A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use\n of SSL certificate verification and encryption. (CVE-2021-23222)\n\n - A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a\n privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH\n MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all\n during the process. This flaw allows an attacker with permission to create non-temporary objects in at\n least one schema to execute arbitrary SQL functions under a superuser identity. (CVE-2022-1552)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2528\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e9a20c17\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected postgresql packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25694\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1552\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/12\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.6\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"postgresql-9.2.24-1.h5.eulerosv2r7\",\n \"postgresql-contrib-9.2.24-1.h5.eulerosv2r7\",\n \"postgresql-devel-9.2.24-1.h5.eulerosv2r7\",\n \"postgresql-docs-9.2.24-1.h5.eulerosv2r7\",\n \"postgresql-libs-9.2.24-1.h5.eulerosv2r7\",\n \"postgresql-plperl-9.2.24-1.h5.eulerosv2r7\",\n \"postgresql-plpython-9.2.24-1.h5.eulerosv2r7\",\n \"postgresql-pltcl-9.2.24-1.h5.eulerosv2r7\",\n \"postgresql-server-9.2.24-1.h5.eulerosv2r7\",\n \"postgresql-test-9.2.24-1.h5.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, 
{"lastseen": "2023-01-18T14:43:03", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.04 / 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5145-1 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-12T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS / 21.04 / 21.10 : PostgreSQL vulnerabilities (USN-5145-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23214", "CVE-2021-23222"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:21.04", "cpe:/o:canonical:ubuntu_linux:21.10", "p-cpe:/a:canonical:ubuntu_linux:libecpg-compat3", "p-cpe:/a:canonical:ubuntu_linux:libecpg-dev", "p-cpe:/a:canonical:ubuntu_linux:libecpg6", "p-cpe:/a:canonical:ubuntu_linux:libpgtypes3", "p-cpe:/a:canonical:ubuntu_linux:libpq-dev", "p-cpe:/a:canonical:ubuntu_linux:libpq5", 
"p-cpe:/a:canonical:ubuntu_linux:postgresql-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-12", "p-cpe:/a:canonical:ubuntu_linux:postgresql-13", "p-cpe:/a:canonical:ubuntu_linux:postgresql-client-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-client-12", "p-cpe:/a:canonical:ubuntu_linux:postgresql-client-13", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-12", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-13", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-12", "p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-13", "p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-12", "p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-13", "p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-12", "p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-13"], "id": "UBUNTU_USN-5145-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155295", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5145-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. 
Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155295);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2021-23214\", \"CVE-2021-23222\");\n script_xref(name:\"USN\", value:\"5145-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS / 21.04 / 21.10 : PostgreSQL vulnerabilities (USN-5145-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.04 / 21.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-5145-1 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5145-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23214\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/12\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libecpg-compat3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libecpg-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpgtypes3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpq-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-client-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-client-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-client-13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-13\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! 
preg(pattern:\"^(18\\.04|20\\.04|21\\.04|21\\.10)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 21.04 / 21.10', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'libecpg-compat3', 'pkgver': '10.19-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libecpg-dev', 'pkgver': '10.19-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libecpg6', 'pkgver': '10.19-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libpgtypes3', 'pkgver': '10.19-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libpq-dev', 'pkgver': '10.19-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libpq5', 'pkgver': '10.19-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-10', 'pkgver': '10.19-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-client-10', 'pkgver': '10.19-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-plperl-10', 'pkgver': '10.19-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-plpython-10', 'pkgver': '10.19-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-plpython3-10', 'pkgver': '10.19-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-pltcl-10', 'pkgver': '10.19-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'postgresql-server-dev-10', 'pkgver': '10.19-0ubuntu0.18.04.1'},\n {'osver': '20.04', 'pkgname': 'libecpg-compat3', 'pkgver': '12.9-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libecpg-dev', 'pkgver': '12.9-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libecpg6', 'pkgver': '12.9-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libpgtypes3', 'pkgver': '12.9-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 
'libpq-dev', 'pkgver': '12.9-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libpq5', 'pkgver': '12.9-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'postgresql-12', 'pkgver': '12.9-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'postgresql-client-12', 'pkgver': '12.9-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'postgresql-plperl-12', 'pkgver': '12.9-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'postgresql-plpython3-12', 'pkgver': '12.9-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'postgresql-pltcl-12', 'pkgver': '12.9-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'postgresql-server-dev-12', 'pkgver': '12.9-0ubuntu0.20.04.1'},\n {'osver': '21.04', 'pkgname': 'libecpg-compat3', 'pkgver': '13.5-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'libecpg-dev', 'pkgver': '13.5-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'libecpg6', 'pkgver': '13.5-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'libpgtypes3', 'pkgver': '13.5-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'libpq-dev', 'pkgver': '13.5-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'libpq5', 'pkgver': '13.5-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'postgresql-13', 'pkgver': '13.5-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'postgresql-client-13', 'pkgver': '13.5-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'postgresql-plperl-13', 'pkgver': '13.5-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'postgresql-plpython3-13', 'pkgver': '13.5-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'postgresql-pltcl-13', 'pkgver': '13.5-0ubuntu0.21.04.1'},\n {'osver': '21.04', 'pkgname': 'postgresql-server-dev-13', 'pkgver': '13.5-0ubuntu0.21.04.1'},\n {'osver': '21.10', 'pkgname': 'libecpg-compat3', 'pkgver': '13.5-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'libecpg-dev', 'pkgver': '13.5-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'libecpg6', 'pkgver': '13.5-0ubuntu0.21.10.1'},\n {'osver': '21.10', 
'pkgname': 'libpgtypes3', 'pkgver': '13.5-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'libpq-dev', 'pkgver': '13.5-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'libpq5', 'pkgver': '13.5-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'postgresql-13', 'pkgver': '13.5-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'postgresql-client-13', 'pkgver': '13.5-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'postgresql-plperl-13', 'pkgver': '13.5-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'postgresql-plpython3-13', 'pkgver': '13.5-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'postgresql-pltcl-13', 'pkgver': '13.5-0ubuntu0.21.10.1'},\n {'osver': '21.10', 'pkgname': 'postgresql-server-dev-13', 'pkgver': '13.5-0ubuntu0.21.10.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libecpg-compat3 / libecpg-dev / libecpg6 / libpgtypes3 / libpq-dev / etc');\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-13T14:53:22", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3759-1 advisory.\n\n - Server processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23214)\n\n - libpq processes 
unencrypted bytes from man-in-the-middlemore details (CVE-2021-23222)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-23T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : postgresql14 (openSUSE-SU-2021:3759-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23214", "CVE-2021-23222"], "modified": "2022-03-16T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-32bit", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-32bit", "p-cpe:/a:novell:opensuse:postgresql14", "p-cpe:/a:novell:opensuse:postgresql14-contrib", "p-cpe:/a:novell:opensuse:postgresql14-devel", "p-cpe:/a:novell:opensuse:postgresql14-devel-mini", "p-cpe:/a:novell:opensuse:postgresql14-llvmjit", "p-cpe:/a:novell:opensuse:postgresql14-plperl", "p-cpe:/a:novell:opensuse:postgresql14-plpython", "p-cpe:/a:novell:opensuse:postgresql14-pltcl", "p-cpe:/a:novell:opensuse:postgresql14-server", 
"p-cpe:/a:novell:opensuse:postgresql14-server-devel", "p-cpe:/a:novell:opensuse:postgresql14-test", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-3759.NASL", "href": "https://www.tenable.com/plugins/nessus/155664", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:3759-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155664);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/16\");\n\n script_cve_id(\"CVE-2021-23214\", \"CVE-2021-23222\");\n script_xref(name:\"IAVB\", value:\"2021-B-0067\");\n\n script_name(english:\"openSUSE 15 Security Update : postgresql14 (openSUSE-SU-2021:3759-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:3759-1 advisory.\n\n - Server processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23214)\n\n - libpq processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23222)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192516\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NNALH7TSYYNMSZ7EMUEZ2S7IBYAU75OE/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3da89c6f\");\n 
script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23222\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23214\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql14\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql14-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql14-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql14-devel-mini\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:opensuse:postgresql14-llvmjit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql14-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql14-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql14-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql14-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql14-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql14-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'libecpg6-14.1-5.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libecpg6-32bit-14.1-5.6.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpq5-14.1-5.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpq5-32bit-14.1-5.6.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql14-14.1-5.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql14-contrib-14.1-5.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql14-devel-14.1-5.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql14-devel-mini-14.1-5.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql14-llvmjit-14.1-5.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'postgresql14-plperl-14.1-5.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql14-plpython-14.1-5.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql14-pltcl-14.1-5.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql14-server-14.1-5.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql14-server-devel-14.1-5.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql14-test-14.1-5.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libecpg6 / libecpg6-32bit / libpq5 / libpq5-32bit / postgresql14 / etc');\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-12T14:44:40", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3757-1 advisory.\n\n - Server processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23214)\n\n - libpq processes unencrypted bytes 
from man-in-the-middlemore details (CVE-2021-23222)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-23T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : postgresql96 (SUSE-SU-2021:3757-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23214", "CVE-2021-23222"], "modified": "2022-03-16T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:postgresql96", "p-cpe:/a:novell:suse_linux:postgresql96-contrib", "p-cpe:/a:novell:suse_linux:postgresql96-docs", "p-cpe:/a:novell:suse_linux:postgresql96-plperl", "p-cpe:/a:novell:suse_linux:postgresql96-plpython", "p-cpe:/a:novell:suse_linux:postgresql96-pltcl", "p-cpe:/a:novell:suse_linux:postgresql96-server", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-3757-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155671", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory 
SUSE-SU-2021:3757-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155671);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/16\");\n\n script_cve_id(\"CVE-2021-23214\", \"CVE-2021-23222\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3757-1\");\n script_xref(name:\"IAVB\", value:\"2021-B-0067\");\n\n script_name(english:\"SUSE SLES12 Security Update : postgresql96 (SUSE-SU-2021:3757-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:3757-1 advisory.\n\n - Server processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23214)\n\n - libpq processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23222)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192516\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-November/009763.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?942c09b0\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23222\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n 
script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23214\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'postgresql96-9.6.24-6.18.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'postgresql96-contrib-9.6.24-6.18.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'postgresql96-docs-9.6.24-6.18.2', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'postgresql96-plperl-9.6.24-6.18.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'postgresql96-plpython-9.6.24-6.18.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'postgresql96-pltcl-9.6.24-6.18.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'postgresql96-server-9.6.24-6.18.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'postgresql96-9.6.24-6.18.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'postgresql96-contrib-9.6.24-6.18.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'postgresql96-docs-9.6.24-6.18.2', 'sp':'2', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'postgresql96-plperl-9.6.24-6.18.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'postgresql96-plpython-9.6.24-6.18.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 
'exists_check':'sles-release-12.2'},\n {'reference':'postgresql96-pltcl-9.6.24-6.18.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'postgresql96-server-9.6.24-6.18.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'postgresql96-9.6.24-6.18.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'postgresql96-9.6.24-6.18.2', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'postgresql96-contrib-9.6.24-6.18.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'postgresql96-contrib-9.6.24-6.18.2', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'postgresql96-docs-9.6.24-6.18.2', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'postgresql96-docs-9.6.24-6.18.2', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'postgresql96-plperl-9.6.24-6.18.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'postgresql96-plperl-9.6.24-6.18.2', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'postgresql96-plpython-9.6.24-6.18.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'postgresql96-plpython-9.6.24-6.18.2', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'postgresql96-pltcl-9.6.24-6.18.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 
'exists_check':'sles-release-12.3'},\n {'reference':'postgresql96-pltcl-9.6.24-6.18.2', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'postgresql96-server-9.6.24-6.18.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'postgresql96-server-9.6.24-6.18.2', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. 
Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'postgresql96 / postgresql96-contrib / postgresql96-docs / etc');\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:58:21", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3762-1 advisory.\n\n - Server processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23214)\n\n - libpq processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23222)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-23T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : postgresql13 (openSUSE-SU-2021:3762-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", 
"accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23214", "CVE-2021-23222"], "modified": "2022-03-16T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:postgresql13", "p-cpe:/a:novell:opensuse:postgresql13-contrib", "p-cpe:/a:novell:opensuse:postgresql13-devel", "p-cpe:/a:novell:opensuse:postgresql13-llvmjit", "p-cpe:/a:novell:opensuse:postgresql13-plperl", "p-cpe:/a:novell:opensuse:postgresql13-plpython", "p-cpe:/a:novell:opensuse:postgresql13-pltcl", "p-cpe:/a:novell:opensuse:postgresql13-server", "p-cpe:/a:novell:opensuse:postgresql13-server-devel", "p-cpe:/a:novell:opensuse:postgresql13-test", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-3762.NASL", "href": "https://www.tenable.com/plugins/nessus/155665", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:3762-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155665);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/16\");\n\n script_cve_id(\"CVE-2021-23214\", \"CVE-2021-23222\");\n script_xref(name:\"IAVB\", value:\"2021-B-0067\");\n\n script_name(english:\"openSUSE 15 Security Update : postgresql13 (openSUSE-SU-2021:3762-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:3762-1 advisory.\n\n - Server processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23214)\n\n - libpq processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23222)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192516\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TKUQ4NBJFXX6V3DRII3AKLC2VO5WMZJB/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9906ced0\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23222\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n 
script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23214\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-llvmjit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql13-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by 
Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'postgresql13-13.5-5.22.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-contrib-13.5-5.22.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-devel-13.5-5.22.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-llvmjit-13.5-5.22.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-plperl-13.5-5.22.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-plpython-13.5-5.22.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-pltcl-13.5-5.22.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-server-13.5-5.22.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-server-devel-13.5-5.22.1', 
'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql13-test-13.5-5.22.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'postgresql13 / postgresql13-contrib / postgresql13-devel / etc');\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:58:40", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3758-1 advisory.\n\n - Server processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23214)\n\n - libpq processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23222)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": 
"NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-23T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : postgresql12 (openSUSE-SU-2021:3758-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23214", "CVE-2021-23222"], "modified": "2022-03-16T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:postgresql12", "p-cpe:/a:novell:opensuse:postgresql12-contrib", "p-cpe:/a:novell:opensuse:postgresql12-devel", "p-cpe:/a:novell:opensuse:postgresql12-llvmjit", "p-cpe:/a:novell:opensuse:postgresql12-plperl", "p-cpe:/a:novell:opensuse:postgresql12-plpython", "p-cpe:/a:novell:opensuse:postgresql12-pltcl", "p-cpe:/a:novell:opensuse:postgresql12-server", "p-cpe:/a:novell:opensuse:postgresql12-server-devel", "p-cpe:/a:novell:opensuse:postgresql12-test", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-3758.NASL", "href": "https://www.tenable.com/plugins/nessus/155663", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:3758-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155663);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/16\");\n\n script_cve_id(\"CVE-2021-23214\", \"CVE-2021-23222\");\n script_xref(name:\"IAVB\", value:\"2021-B-0067\");\n\n script_name(english:\"openSUSE 15 Security Update : postgresql12 (openSUSE-SU-2021:3758-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:3758-1 advisory.\n\n - Server processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23214)\n\n - libpq processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23222)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192516\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EY3TDIO4JWN2U76KHSAM3F7JGOFA3VEQ/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4ade9a12\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23222\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n 
script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23214\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-llvmjit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by 
Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'postgresql12-12.9-8.26.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-contrib-12.9-8.26.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-devel-12.9-8.26.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-llvmjit-12.9-8.26.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-plperl-12.9-8.26.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-plpython-12.9-8.26.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-pltcl-12.9-8.26.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-server-12.9-8.26.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-server-devel-12.9-8.26.1', 
'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'postgresql12-test-12.9-8.26.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'postgresql12 / postgresql12-contrib / postgresql12-devel / etc');\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:58:07", "description": "The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3762-1 advisory.\n\n - Server processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23214)\n\n - libpq processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23222)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", 
"privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-23T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : postgresql13 (SUSE-SU-2021:3762-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23214", "CVE-2021-23222"], "modified": "2022-03-16T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:postgresql13", "p-cpe:/a:novell:suse_linux:postgresql13-contrib", "p-cpe:/a:novell:suse_linux:postgresql13-devel", "p-cpe:/a:novell:suse_linux:postgresql13-docs", "p-cpe:/a:novell:suse_linux:postgresql13-llvmjit", "p-cpe:/a:novell:suse_linux:postgresql13-plperl", "p-cpe:/a:novell:suse_linux:postgresql13-plpython", "p-cpe:/a:novell:suse_linux:postgresql13-pltcl", "p-cpe:/a:novell:suse_linux:postgresql13-server", "p-cpe:/a:novell:suse_linux:postgresql13-server-devel", "p-cpe:/a:novell:suse_linux:postgresql13-test", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-3762-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155666", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3762-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155666);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/16\");\n\n script_cve_id(\"CVE-2021-23214\", \"CVE-2021-23222\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3762-1\");\n script_xref(name:\"IAVB\", value:\"2021-B-0067\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : postgresql13 (SUSE-SU-2021:3762-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2021:3762-1 advisory.\n\n - Server processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23214)\n\n - libpq processes unencrypted bytes from man-in-the-middlemore details (CVE-2021-23222)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192516\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-November/009762.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fa9800c1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-23222\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n 
script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23214\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-llvmjit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql13-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES15\" && (! 
preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'postgresql13-13.5-5.22.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'postgresql13-13.5-5.22.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'postgresql13-13.5-5.22.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'postgresql13-13.5-5.22.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'postgresql13-llvmjit-13.5-5.22.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-packagehub-subpackages-release-15.2'},\n {'reference':'postgresql13-test-13.5-5.22.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-packagehub-subpackages-release-15.2'},\n {'reference':'postgresql13-llvmjit-13.5-5.22.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-packagehub-subpackages-release-15.3'},\n {'reference':'postgresql13-test-13.5-5.22.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-packagehub-subpackages-release-15.3'},\n {'reference':'postgresql13-contrib-13.5-5.22.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql13-devel-13.5-5.22.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql13-docs-13.5-5.22.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql13-plperl-13.5-5.22.1', 'sp':'2', 'release':'SLES15', 
'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql13-plpython-13.5-5.22.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql13-pltcl-13.5-5.22.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql13-server-13.5-5.22.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql13-server-devel-13.5-5.22.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'postgresql13-contrib-13.5-5.22.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'},\n {'reference':'postgresql13-devel-13.5-5.22.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'},\n {'reference':'postgresql13-docs-13.5-5.22.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'},\n {'reference':'postgresql13-plperl-13.5-5.22.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'},\n {'reference':'postgresql13-plpython-13.5-5.22.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'},\n {'reference':'postgresql13-pltcl-13.5-5.22.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'},\n {'reference':'postgresql13-server-13.5-5.22.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'},\n 
{'reference':'postgresql13-server-devel-13.5-5.22.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'postgresql13 / postgresql13-contrib / postgresql13-devel / etc');\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-12T14:45:06", "description": "The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5006 advisory.\n\n - A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. 
(CVE-2021-23222)\n\n - When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. (CVE-2021-23214)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privile