{"id": "UBUNTU_USN-1247-1.NASL", "bulletinFamily": "scanner", "title": "Ubuntu 11.10 : nova vulnerability (USN-1247-1)", "description": "An information leak was discovered in Nova. An attacker with access to\na valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY\nfor that user.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2011-10-26T00:00:00", "modified": "2020-03-02T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.tenable.com/plugins/nessus/56646", "reporter": "Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://usn.ubuntu.com/1247-1/"], "cvelist": [], "type": "nessus", "lastseen": "2020-03-18T03:17:49", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python-nova", "cpe:/o:canonical:ubuntu_linux:11.10"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss3": {}, "description": "An information leak was discovered in Nova. An attacker with access to\na valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY\nfor that user.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 11, "enchantments": {"dependencies": {"modified": "2020-02-01T02:37:52", "references": [{"idList": ["CESA-2019:2178"], "type": "centos"}, {"idList": ["AL2_ALAS-2019-1377.NASL", "NEWSTART_CGSL_NS-SA-2019-0225_RSYSLOG.NASL", "NEWSTART_CGSL_NS-SA-2019-0201_UDISKS2.NASL", "NEWSTART_CGSL_NS-SA-2019-0248_UDISKS2.NASL", "REDHAT-RHSA-2019-3520.NASL", "EULEROS_SA-2019-2193.NASL", "EULEROS_SA-2019-2225.NASL", "EULEROS_SA-2019-1944.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562311220191069", "OPENVAS:1361412562311220192193", "OPENVAS:1361412562311220191323", "OPENVAS:1361412562311220191405", "OPENVAS:1361412562311220191444", "OPENVAS:1361412562311220171246", "OPENVAS:1361412562311220181310", "OPENVAS:1361412562311220191806", "OPENVAS:1361412562311220171247", "OPENVAS:1361412562311220181244"], "type": "openvas"}]}, "score": {"modified": "2020-02-01T02:37:52", "value": 0.8, "vector": "NONE"}}, "hash": "6dae8d2f5b10186f24bbf5371516bb16d5d464ee496edb088c1df30e98a162af", "hashmap": [{"hash": "19935ad784c8055145172e9e9d20bcdd", "key": "pluginID"}, {"hash": "a518a6bb00717af7276f4b6269321722", "key": "title"}, {"hash": "73a7f6998048223f8649139cd1bb83be", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "73cf1fc8f184b062206479f3bb4924f9", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "248ddfee5cc8aa2c1a4fce14baf1e1b1", "key": "modified"}, {"hash": "67f4e978d3410654d97e185b7b425ba1", "key": "reporter"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "84c3fb7d0e86edfd843b96108e404cfc", "key": "href"}, {"hash": "f5c4d7d768fa8a61021e8cc01bd3165b", "key": "cpe"}, {"hash": "483d504e2654771c2045bcb6f202ae54", "key": "references"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "9b4e3a905fe7c637999284824daf11c3", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/56646", "id": "UBUNTU_USN-1247-1.NASL", "lastseen": "2020-02-01T02:37:52", "modified": "2020-02-02T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "56646", "published": "2011-10-26T00:00:00", "references": ["https://usn.ubuntu.com/1247-1/"], "reporter": "Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1247-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56646);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_xref(name:\"USN\", value:\"1247-1\");\n\n script_name(english:\"Ubuntu 11.10 : nova vulnerability (USN-1247-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An information leak was discovered in Nova. An attacker with access to\na valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY\nfor that user.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1247-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-nova package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-nova\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"python-nova\", pkgver:\"2011.3-0ubuntu6.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-nova\");\n}\n", "title": "Ubuntu 11.10 : nova vulnerability (USN-1247-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified"], "edition": 11, "lastseen": "2020-02-01T02:37:52"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python-nova", "cpe:/o:canonical:ubuntu_linux:11.10"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "An information leak was discovered in Nova. An attacker with access to a valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY for that user.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "533b1957411ca1a23174989cd82613a586cff33965b249d663479f6c033549f9", "hashmap": [{"hash": "5ebefc09f1b29d9e0dad2276c1ad05e8", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "19935ad784c8055145172e9e9d20bcdd", "key": "pluginID"}, {"hash": "d9191407d7b7374ce650de5d9ebbbf1e", "key": "description"}, {"hash": "a518a6bb00717af7276f4b6269321722", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "14f77dddb257498b1478bd632318212c", "key": "sourceData"}, {"hash": "f5c4d7d768fa8a61021e8cc01bd3165b", "key": "cpe"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "9b4e3a905fe7c637999284824daf11c3", "key": "published"}, {"hash": "81baf5c6b6b16a8bf7de01992185436c", "key": "href"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=56646", "id": "UBUNTU_USN-1247-1.NASL", "lastseen": "2017-10-29T13:45:21", "modified": "2016-05-25T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "56646", "published": "2011-10-26T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1247-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56646);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2016/05/25 16:11:44 $\");\n\n script_osvdb_id(76640);\n script_xref(name:\"USN\", value:\"1247-1\");\n\n script_name(english:\"Ubuntu 11.10 : nova vulnerability (USN-1247-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An information leak was discovered in Nova. An attacker with access to\na valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY\nfor that user.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-nova package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-nova\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2016 Canonical, Inc. / NASL script (C) 2011-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"python-nova\", pkgver:\"2011.3-0ubuntu6.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-nova\");\n}\n", "title": "Ubuntu 11.10 : nova vulnerability (USN-1247-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:45:21"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python-nova", "cpe:/o:canonical:ubuntu_linux:11.10"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "An information leak was discovered in Nova. An attacker with access to a valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY for that user.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "enchantments": {"dependencies": {"modified": "2019-02-21T01:15:33", "references": [{"idList": ["OPENSUSE-SU-2018:3372-1"], "type": "suse"}, {"idList": ["USN-3772-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:1361412562310851960", "OPENVAS:1361412562310843758", "OPENVAS:1361412562310843641", "OPENVAS:1361412562310875125", "OPENVAS:1361412562310875137"], "type": "openvas"}, {"idList": ["UBUNTU_USN-3772-1.NASL", "SUSE_SU-2018-3278-1.NASL", "EULEROS_SA-2018-1247.NASL", "FEDORA_2018-3D187B1A5B.NASL", "FEDORA_2018-77431AB417.NASL", "PHOTONOS_PHSA-2017-0014_LINUX.NASL", "VIRTUOZZO_VZLSA-2017-2832.NASL", "EULEROS_SA-2018-1263.NASL", "OPENSUSE-2018-1247.NASL", "FEDORA_2018-F0CE9A3A35.NASL"], "type": "nessus"}]}, "score": {"modified": "2019-02-21T01:15:33", "value": 2.3, "vector": "NONE"}}, "hash": "da8d3ad64080d5cda85b0bc1b80f4b99fdc60ec9548b16d41ddb214f043df6c4", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "19935ad784c8055145172e9e9d20bcdd", "key": "pluginID"}, {"hash": "d9191407d7b7374ce650de5d9ebbbf1e", "key": "description"}, {"hash": "a518a6bb00717af7276f4b6269321722", "key": "title"}, {"hash": "0b7bc3d628637c0ff555114c533a3dda", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d32e73fa6545e896c161a99fc95380e1", "key": "sourceData"}, {"hash": "f5c4d7d768fa8a61021e8cc01bd3165b", "key": "cpe"}, {"hash": "483d504e2654771c2045bcb6f202ae54", "key": "references"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "9b4e3a905fe7c637999284824daf11c3", "key": "published"}, {"hash": "81baf5c6b6b16a8bf7de01992185436c", "key": "href"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=56646", "id": "UBUNTU_USN-1247-1.NASL", "lastseen": "2019-02-21T01:15:33", "modified": "2018-12-01T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "56646", "published": "2011-10-26T00:00:00", "references": ["https://usn.ubuntu.com/1247-1/"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1247-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56646);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/12/01 13:19:06\");\n\n script_xref(name:\"USN\", value:\"1247-1\");\n\n script_name(english:\"Ubuntu 11.10 : nova vulnerability (USN-1247-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An information leak was discovered in Nova. An attacker with access to\na valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY\nfor that user.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1247-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-nova package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-nova\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"python-nova\", pkgver:\"2011.3-0ubuntu6.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-nova\");\n}\n", "title": "Ubuntu 11.10 : nova vulnerability (USN-1247-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["description", "reporter", "modified", "sourceData", "href"], "edition": 6, "lastseen": "2019-02-21T01:15:33"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python-nova", "cpe:/o:canonical:ubuntu_linux:11.10"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "An information leak was discovered in Nova. An attacker with access to\na valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY\nfor that user.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 8, "enchantments": {"dependencies": {"modified": "2019-11-03T12:30:31", "references": [{"idList": ["REDHAT-RHSA-2019-2178.NASL", "EULEROS_SA-2019-1806.NASL", "NEWSTART_CGSL_NS-SA-2019-0201_UDISKS2.NASL", "EULEROS_SA-2019-1405.NASL", "REDHAT-RHSA-2019-2030.NASL", "NEWSTART_CGSL_NS-SA-2019-0112_NSS.NASL", "CENTOS_RHSA-2019-2178.NASL", "EULEROS_SA-2019-1944.NASL", "SL_20190806_UDISKS2_ON_SL7_X.NASL", "EULEROS_SA-2019-1444.NASL"], "type": "nessus"}, {"idList": ["CESA-2019:2178"], "type": "centos"}, {"idList": ["ELSA-2019-2178"], "type": "oraclelinux"}, {"idList": ["RHSA-2019:1260", "RHSA-2019:2178"], "type": "redhat"}]}, "score": {"modified": "2019-11-03T12:30:31", "value": -0.1, "vector": "NONE"}}, "hash": "ff4d47165e3a06f23c9503ddaaab5c09171a7b9cfece8c25a3a66ff996621c49", "hashmap": [{"hash": "abcf9266f425f12dda38f529cd4a94bc", "key": "modified"}, {"hash": "19935ad784c8055145172e9e9d20bcdd", "key": "pluginID"}, {"hash": "a518a6bb00717af7276f4b6269321722", "key": "title"}, {"hash": "73a7f6998048223f8649139cd1bb83be", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "73cf1fc8f184b062206479f3bb4924f9", "key": "description"}, {"hash": "67f4e978d3410654d97e185b7b425ba1", "key": "reporter"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "84c3fb7d0e86edfd843b96108e404cfc", "key": "href"}, {"hash": "f5c4d7d768fa8a61021e8cc01bd3165b", "key": "cpe"}, {"hash": "483d504e2654771c2045bcb6f202ae54", "key": "references"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "9b4e3a905fe7c637999284824daf11c3", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/56646", "id": "UBUNTU_USN-1247-1.NASL", "lastseen": "2019-11-03T12:30:31", "modified": "2019-11-02T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "56646", "published": "2011-10-26T00:00:00", "references": ["https://usn.ubuntu.com/1247-1/"], "reporter": "Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1247-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56646);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_xref(name:\"USN\", value:\"1247-1\");\n\n script_name(english:\"Ubuntu 11.10 : nova vulnerability (USN-1247-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An information leak was discovered in Nova. An attacker with access to\na valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY\nfor that user.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1247-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-nova package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-nova\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"python-nova\", pkgver:\"2011.3-0ubuntu6.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-nova\");\n}\n", "title": "Ubuntu 11.10 : nova vulnerability (USN-1247-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified"], "edition": 8, "lastseen": "2019-11-03T12:30:31"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python-nova", "cpe:/o:canonical:ubuntu_linux:11.10"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "An information leak was discovered in Nova. An attacker with access to a valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY for that user.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "7bf4d20b4dd07c8e0e18a45b1349b41b8f1e4916456ce5d465995d1c17e8a839", "hashmap": [{"hash": "49c3fb4b0ac9155f2885b97bdd40c68c", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "19935ad784c8055145172e9e9d20bcdd", "key": "pluginID"}, {"hash": "d9191407d7b7374ce650de5d9ebbbf1e", "key": "description"}, {"hash": "a518a6bb00717af7276f4b6269321722", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f5c4d7d768fa8a61021e8cc01bd3165b", "key": "cpe"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "9b4e3a905fe7c637999284824daf11c3", "key": "published"}, {"hash": "81baf5c6b6b16a8bf7de01992185436c", "key": "href"}, {"hash": "97454731434b552ff623b783862a4f17", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=56646", "id": "UBUNTU_USN-1247-1.NASL", "lastseen": "2018-08-17T17:47:23", "modified": "2018-08-15T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "56646", "published": "2011-10-26T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1247-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56646);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/08/15 12:24:49\");\n\n script_xref(name:\"USN\", value:\"1247-1\");\n\n script_name(english:\"Ubuntu 11.10 : nova vulnerability (USN-1247-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An information leak was discovered in Nova. An attacker with access to\na valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY\nfor that user.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-nova package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-nova\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"python-nova\", pkgver:\"2011.3-0ubuntu6.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-nova\");\n}\n", "title": "Ubuntu 11.10 : nova vulnerability (USN-1247-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 3, "lastseen": "2018-08-17T17:47:23"}], "edition": 12, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "f5c4d7d768fa8a61021e8cc01bd3165b"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "description", "hash": "73cf1fc8f184b062206479f3bb4924f9"}, {"key": "href", "hash": "84c3fb7d0e86edfd843b96108e404cfc"}, {"key": "modified", "hash": "af24fd3fdacb4d500ae9d1e724743016"}, {"key": "naslFamily", "hash": "c9b7d00377a789a14c9bb9dab6c7168c"}, {"key": "pluginID", "hash": "19935ad784c8055145172e9e9d20bcdd"}, {"key": "published", "hash": "9b4e3a905fe7c637999284824daf11c3"}, {"key": "references", "hash": "483d504e2654771c2045bcb6f202ae54"}, {"key": "reporter", "hash": "67f4e978d3410654d97e185b7b425ba1"}, {"key": "sourceData", "hash": "73a7f6998048223f8649139cd1bb83be"}, {"key": "title", "hash": "a518a6bb00717af7276f4b6269321722"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "6bf2bed677b889298db5caa25112befd4c1070717cf0c8c1b8fb05dab90b5171", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562311220201247", "OPENVAS:1361412562311220192193", "OPENVAS:1361412562311220171247", "OPENVAS:1361412562311220191444", "OPENVAS:1361412562311220191323", "OPENVAS:1361412562311220171246", "OPENVAS:1361412562311220191806", "OPENVAS:1361412562311220181244", "OPENVAS:1361412562311220191069", "OPENVAS:1361412562311220191405"]}, {"type": "nessus", "idList": ["NEWSTART_CGSL_NS-SA-2019-0248_UDISKS2.NASL", "AL2_ALAS-2019-1377.NASL", "NEWSTART_CGSL_NS-SA-2019-0225_RSYSLOG.NASL", "EULEROS_SA-2019-2193.NASL", "EULEROS_SA-2019-2225.NASL", "REDHAT-RHSA-2019-3520.NASL", "NEWSTART_CGSL_NS-SA-2019-0201_UDISKS2.NASL", "EULEROS_SA-2019-1944.NASL"]}], "modified": "2020-03-18T03:17:49"}, "score": {"value": 0.2, "vector": "NONE", "modified": "2020-03-18T03:17:49"}, "vulnersScore": 0.2}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1247-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56646);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_xref(name:\"USN\", value:\"1247-1\");\n\n script_name(english:\"Ubuntu 11.10 : nova vulnerability (USN-1247-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An information leak was discovered in Nova. An attacker with access to\na valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY\nfor that user.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1247-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-nova package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-nova\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"python-nova\", pkgver:\"2011.3-0ubuntu6.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-nova\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "pluginID": "56646", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python-nova", "cpe:/o:canonical:ubuntu_linux:11.10"], "scheme": null}

{"openvas": [{"lastseen": "2020-03-14T16:51:02", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-03-13T00:00:00", "published": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562311220201247", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201247", "title": "Huawei EulerOS: Security Advisory for libvorbis (EulerOS-SA-2020-1247)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1247\");\n script_version(\"2020-03-13T07:18:08+0000\");\n script_cve_id(\"CVE-2017-14632\", \"CVE-2017-14633\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 07:18:08 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-13 07:18:08 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libvorbis (EulerOS-SA-2020-1247)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1247\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1247\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libvorbis' package(s) announced via the EulerOS-SA-2020-1247 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An invalid free flaw was found in the way libvorbis handled processing of Ogg Vorbis format files. This flaw could potentially be used to crash an application using libvorbis by tricking the application into processing specially crafted files.(CVE-2017-14632)\n\n\nAn out-of-bounds read flaw was found in the way libvorbis handled processing of Ogg Vorbis format files. This flaw could potentially be used to crash an application using libvorbis by tricking the application into processing specially crafted files.(CVE-2017-14633)\");\n\n script_tag(name:\"affected\", value:\"'libvorbis' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libvorbis\", rpm:\"libvorbis~1.3.3~8.h5\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:38:31", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192193", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192193", "title": "Huawei EulerOS: Security Advisory for udisks2 (EulerOS-SA-2019-2193)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2193\");\n script_version(\"2020-01-23T12:37:50+0000\");\n script_cve_id(\"CVE-2018-17336\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:37:50 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:37:50 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for udisks2 (EulerOS-SA-2019-2193)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2193\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2193\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'udisks2' package(s) announced via the EulerOS-SA-2019-2193 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings.(CVE-2018-17336)\");\n\n script_tag(name:\"affected\", value:\"'udisks2' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libudisks2\", rpm:\"libudisks2~2.7.3~6.h1.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"udisks2\", rpm:\"udisks2~2.7.3~6.h1.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:35:41", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171247", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171247", "title": "Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2017-1247)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1247\");\n script_version(\"2020-01-23T11:01:12+0000\");\n script_cve_id(\"CVE-2017-7805\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:01:12 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:01:12 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2017-1247)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1247\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1247\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'nss' package(s) announced via the EulerOS-SA-2017-1247 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the application.(CVE-2017-7805)\");\n\n script_tag(name:\"affected\", value:\"'nss' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.28.4~12\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.28.4~12\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.28.4~12\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.28.4~12\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:35:39", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191444", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191444", "title": "Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2019-1444)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1444\");\n script_version(\"2020-01-23T14:09:13+0000\");\n script_cve_id(\"CVE-2016-9602\", \"CVE-2017-13672\", \"CVE-2017-13673\", \"CVE-2017-14167\", \"CVE-2017-15119\", \"CVE-2017-15124\", \"CVE-2017-15268\", \"CVE-2017-18043\", \"CVE-2017-5579\", \"CVE-2017-8284\", \"CVE-2017-8379\", \"CVE-2017-9330\", \"CVE-2017-9373\", \"CVE-2018-10839\", \"CVE-2018-12617\", \"CVE-2018-7550\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 14:09:13 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:47:15 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2019-1444)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1444\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1444\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'qemu' package(s) announced via the EulerOS-SA-2019-1444 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An integer overflow issue was found in the NE200 NIC emulation. It could occur while receiving packets from the network, if the size value was greater than INT_MAX. Such overflow would lead to stack buffer overflow issue. A user inside guest could use this flaw to crash the QEMU process, resulting in DoS scenario. (CVE-2018-10839)\n\nqmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.(CVE-2018-12617)\n\nQemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host. (CVE-2016-9602)\n\nQuick Emulator (QEMU), compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur while loading a kernel image during the guest boot, if mh_load_end_addr address is greater than the mh_bss_end_addr address. A user or process could use this flaw to potentially achieve arbitrary code execution on a host.(CVE-2018-7550)\n\nAn out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator (QEMU). It could occur while reading VGA memory to update graphics display. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service situation.(CVE-2017-13672)\n\nAn assert failure issue was found in the VGA display emulator built into the Quick emulator (QEMU). It could occur while updating graphics display, due to miscalculating region for dirty bitmap snapshot in split screen mode. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service. (CVE-2017-13673)\n\nThe Network Block Device (NBD) server in Quick Emulator (QEMU), is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client could use this flaw to keep the NBD server from serving other requests, resulting in DoS.(CVE-2017-15119)\n\nQEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'qemu' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"qemu-gpu-specs\", rpm:\"qemu-gpu-specs~2.8.1~30.027\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qemu-guest-agent\", rpm:\"qemu-guest-agent~2.8.1~30.027\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qemu-img\", rpm:\"qemu-img~2.8.1~30.027\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qemu-kvm\", rpm:\"qemu-kvm~2.8.1~30.027\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qemu-kvm-common\", rpm:\"qemu-kvm-common~2.8.1~30.027\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qemu-kvm-tools\", rpm:\"qemu-kvm-tools~2.8.1~30.027\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qemu-seabios\", rpm:\"qemu-seabios~2.8.1~30.027\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:35:52", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191323", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191323", "title": "Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1323)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1323\");\n script_version(\"2020-01-23T15:42:05+0000\");\n script_cve_id(\"CVE-2015-7705\", \"CVE-2015-7850\", \"CVE-2015-7976\", \"CVE-2018-7185\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 15:42:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:39:24 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1323)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1323\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1323\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ntp' package(s) announced via the EulerOS-SA-2019-1323 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.\nMitigation:Do not add the 'limited' configuration option to any restrict lines in the ntp.conf file.(CVE-2015-7705)\n\nThe protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the 'other side' of an interleaved association causing the victim ntpd to reset its association(CVE-2018-7185)\n\nThe ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.(CVE-2015-7976)\n\nntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.\n Mitigation:Disable NTP remote configuration or limit this feature to trusted users to effectively mitigate this risk(CVE-2015-7850)\");\n\n script_tag(name:\"affected\", value:\"'ntp' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.6p5~28.h8.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ntpdate\", rpm:\"ntpdate~4.2.6p5~28.h8.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sntp\", rpm:\"sntp~4.2.6p5~28.h8.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:37:42", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171246", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171246", "title": "Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2017-1246)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1246\");\n script_version(\"2020-01-23T11:01:11+0000\");\n script_cve_id(\"CVE-2017-7805\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:01:11 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:01:11 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2017-1246)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1246\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1246\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'nss' package(s) announced via the EulerOS-SA-2017-1246 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the application.(CVE-2017-7805)\");\n\n script_tag(name:\"affected\", value:\"'nss' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.28.4~12\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.28.4~12\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.28.4~12\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.28.4~12\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:35:47", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191806", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191806", "title": "Huawei EulerOS: Security Advisory for rsync (EulerOS-SA-2019-1806)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1806\");\n script_version(\"2020-01-23T12:23:28+0000\");\n script_cve_id(\"CVE-2017-16548\", \"CVE-2018-5764\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:23:28 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:23:28 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for rsync (EulerOS-SA-2019-1806)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1806\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1806\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'rsync' package(s) announced via the EulerOS-SA-2019-1806 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism.(CVE-2018-5764)\n\nThe receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\\\\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by sending crafted data to the daemon.(CVE-2017-16548)\");\n\n script_tag(name:\"affected\", value:\"'rsync' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"rsync\", rpm:\"rsync~3.1.2~4.h3.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:33:05", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181244", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181244", "title": "Huawei EulerOS: Security Advisory for rsync (EulerOS-SA-2018-1244)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1244\");\n script_version(\"2020-01-23T11:18:36+0000\");\n script_cve_id(\"CVE-2017-17433\", \"CVE-2017-17434\", \"CVE-2018-5764\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:18:36 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:18:36 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for rsync (EulerOS-SA-2018-1244)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1244\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1244\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'rsync' package(s) announced via the EulerOS-SA-2018-1244 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions.(CVE-2017-17433)\n\nThe daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure (in the recv_files function in receiver.c) and also does not apply the sanitize_paths protection mechanism to pathnames found in 'xname follows' strings (in the read_ndx_and_attrs function in rsync.c), which allows remote attackers to bypass intended access restrictions.(CVE-2017-17434)\n\nThe parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism.(CVE-2018-5764)\");\n\n script_tag(name:\"affected\", value:\"'rsync' package(s) on Huawei EulerOS Virtualization 2.5.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"rsync\", rpm:\"rsync~3.0.9~15.h3\", rls:\"EULEROSVIRT-2.5.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:33:53", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191069", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191069", "title": "Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1069)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1069\");\n script_version(\"2020-01-23T11:30:03+0000\");\n script_cve_id(\"CVE-2018-10546\", \"CVE-2019-6977\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:30:03 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:30:03 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1069)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1069\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1069\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'php' package(s) announced via the EulerOS-SA-2019-1069 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An infinite loop vulnerability was found in ext/iconv/iconv.c in PHP due to the iconv stream not rejecting invalid multibyte sequences. A remote attacker could use this vulnerability to hang the php process and consume resources.(CVE-2018-10546)\n\ngdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.(CVE-2019-6977)\");\n\n script_tag(name:\"affected\", value:\"'php' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.4.16~45.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:34:19", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191405", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191405", "title": "Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2019-1405)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1405\");\n script_version(\"2020-01-23T11:42:22+0000\");\n script_cve_id(\"CVE-2016-9602\", \"CVE-2017-13672\", \"CVE-2017-13673\", \"CVE-2017-14167\", \"CVE-2017-15119\", \"CVE-2017-15124\", \"CVE-2017-15268\", \"CVE-2017-18043\", \"CVE-2017-5579\", \"CVE-2017-8284\", \"CVE-2017-8379\", \"CVE-2017-9330\", \"CVE-2017-9373\", \"CVE-2018-10839\", \"CVE-2018-12617\", \"CVE-2018-7550\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:42:22 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:42:22 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2019-1405)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1405\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1405\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'qemu-kvm' package(s) announced via the EulerOS-SA-2019-1405 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An integer overflow issue was found in the NE200 NIC emulation. It could occur while receiving packets from the network, if the size value was greater than INT_MAX. Such overflow would lead to stack buffer overflow issue. A user inside guest could use this flaw to crash the QEMU process, resulting in DoS scenario. (CVE-2018-10839)\n\nqmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.(CVE-2018-12617)\n\nQemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host. (CVE-2016-9602)\n\nQuick Emulator (QEMU), compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur while loading a kernel image during the guest boot, if mh_load_end_addr address is greater than the mh_bss_end_addr address. A user or process could use this flaw to potentially achieve arbitrary code execution on a host.(CVE-2018-7550)\n\nAn out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator (QEMU). It could occur while reading VGA memory to update graphics display. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service situation.(CVE-2017-13672)\n\nAn assert failure issue was found in the VGA display emulator built into the Quick emulator (QEMU). It could occur while updating graphics display, due to miscalculating region for dirty bitmap snapshot in split screen mode. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service. (CVE-2017-13673)\n\nThe Network Block Device (NBD) server in Quick Emulator (QEMU), is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client could use this flaw to keep the NBD server from serving other requests, resulting in DoS.(CVE-2017-15119)\n\nQEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'qemu-kvm' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"qemu-img\", rpm:\"qemu-img~2.8.1~30.025\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qemu-kvm\", rpm:\"qemu-kvm~2.8.1~30.025\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qemu-kvm-common\", rpm:\"qemu-kvm-common~2.8.1~30.025\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qemu-kvm-tools\", rpm:\"qemu-kvm-tools~2.8.1~30.025\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2020-03-19T22:38:55", "bulletinFamily": "scanner", "description": "According to the versions of the libvorbis package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - An invalid free flaw was found in the way libvorbis\n handled processing of Ogg Vorbis format files. This\n flaw could potentially be used to crash an application\n using libvorbis by tricking the application into\n processing specially crafted files.(CVE-2017-14632)\n\n - An out-of-bounds read flaw was found in the way\n libvorbis handled processing of Ogg Vorbis format\n files. This flaw could potentially be used to crash an\n application using libvorbis by tricking the application\n into processing specially crafted\n files.(CVE-2017-14633)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-03-13T00:00:00", "id": "EULEROS_SA-2020-1247.NASL", "href": "https://www.tenable.com/plugins/nessus/134536", "published": "2020-03-13T00:00:00", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : libvorbis (EulerOS-SA-2020-1247)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134536);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/19\");\n\n script_cve_id(\n \"CVE-2017-14632\",\n \"CVE-2017-14633\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : libvorbis (EulerOS-SA-2020-1247)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libvorbis package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - An invalid free flaw was found in the way libvorbis\n handled processing of Ogg Vorbis format files. This\n flaw could potentially be used to crash an application\n using libvorbis by tricking the application into\n processing specially crafted files.(CVE-2017-14632)\n\n - An out-of-bounds read flaw was found in the way\n libvorbis handled processing of Ogg Vorbis format\n files. This flaw could potentially be used to crash an\n application using libvorbis by tricking the application\n into processing specially crafted\n files.(CVE-2017-14633)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1247\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5d220f4e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libvorbis packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvorbis\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libvorbis-1.3.3-8.h5\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvorbis\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-18T01:32:24", "bulletinFamily": "scanner", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has udisks2 packages installed that are affected\nby a vulnerability:\n\n - UDisks 2.8.0 has a format string vulnerability in\n udisks_log in udiskslogging.c, allowing attackers to\n obtain sensitive information (stack contents), cause a\n denial of service (memory corruption), or possibly have\n unspecified other impact via a malformed filesystem\n label, as demonstrated by %d or %n substrings.\n (CVE-2018-17336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application", "modified": "2020-03-02T00:00:00", "id": "NEWSTART_CGSL_NS-SA-2019-0248_UDISKS2.NASL", "href": "https://www.tenable.com/plugins/nessus/132510", "published": "2019-12-31T00:00:00", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : udisks2 Vulnerability (NS-SA-2019-0248)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0248. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132510);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2018-17336\");\n script_bugtraq_id(107537);\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : udisks2 Vulnerability (NS-SA-2019-0248)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has udisks2 packages installed that are affected\nby a vulnerability:\n\n - UDisks 2.8.0 has a format string vulnerability in\n udisks_log in udiskslogging.c, allowing attackers to\n obtain sensitive information (stack contents), cause a\n denial of service (memory corruption), or possibly have\n unspecified other impact via a malformed filesystem\n label, as demonstrated by %d or %n substrings.\n (CVE-2018-17336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0248\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL udisks2 packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.05\": [\n \"libudisks2-2.7.3-9.el7\",\n \"libudisks2-devel-2.7.3-9.el7\",\n \"udisks2-2.7.3-9.el7\",\n \"udisks2-debuginfo-2.7.3-9.el7\",\n \"udisks2-iscsi-2.7.3-9.el7\",\n \"udisks2-lsm-2.7.3-9.el7\",\n \"udisks2-lvm2-2.7.3-9.el7\"\n ],\n \"CGSL MAIN 5.05\": [\n \"libudisks2-2.7.3-9.el7\",\n \"libudisks2-devel-2.7.3-9.el7\",\n \"udisks2-2.7.3-9.el7\",\n \"udisks2-debuginfo-2.7.3-9.el7\",\n \"udisks2-iscsi-2.7.3-9.el7\",\n \"udisks2-lsm-2.7.3-9.el7\",\n \"udisks2-lvm2-2.7.3-9.el7\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"udisks2\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T22:46:42", "bulletinFamily": "scanner", "description": "UDisks 2.8.0 has a format string vulnerability in udisks_log in\nudiskslogging.c, allowing attackers to obtain sensitive information\n(stack contents), cause a denial of service (memory corruption), or\npossibly have unspecified other impact via a malformed filesystem\nlabel, as demonstrated by %d or %n substrings.(CVE-2018-17336)\n\nAn uncontrolled format string vulnerability has been discovered in\nudisks when it mounts a filesystem with a malformed label. A local\nattacker may use this flaw to leak memory, make the udisks service\ncrash, or cause other unspecified effects.(CVE-2018-17336)", "modified": "2020-03-02T00:00:00", "id": "AL2_ALAS-2019-1377.NASL", "href": "https://www.tenable.com/plugins/nessus/132265", "published": "2019-12-19T00:00:00", "title": "Amazon Linux 2 : udisks2 (ALAS-2019-1377)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1377.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132265);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/23\");\n\n script_cve_id(\"CVE-2018-17336\");\n script_xref(name:\"ALAS\", value:\"2019-1377\");\n\n script_name(english:\"Amazon Linux 2 : udisks2 (ALAS-2019-1377)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"UDisks 2.8.0 has a format string vulnerability in udisks_log in\nudiskslogging.c, allowing attackers to obtain sensitive information\n(stack contents), cause a denial of service (memory corruption), or\npossibly have unspecified other impact via a malformed filesystem\nlabel, as demonstrated by %d or %n substrings.(CVE-2018-17336)\n\nAn uncontrolled format string vulnerability has been discovered in\nudisks when it mounts a filesystem with a malformed label. A local\nattacker may use this flaw to leak memory, make the udisks service\ncrash, or cause other unspecified effects.(CVE-2018-17336)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1377.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update udisks2' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libudisks2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libudisks2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:udisks2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:udisks2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:udisks2-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:udisks2-lsm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:udisks2-lvm2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"libudisks2-2.7.3-9.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libudisks2-devel-2.7.3-9.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"udisks2-2.7.3-9.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"udisks2-debuginfo-2.7.3-9.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"udisks2-iscsi-2.7.3-9.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"udisks2-lsm-2.7.3-9.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"udisks2-lvm2-2.7.3-9.amzn2.0.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libudisks2 / libudisks2-devel / udisks2 / udisks2-debuginfo / etc\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T22:37:33", "bulletinFamily": "scanner", "description": "According to the version of the libvorbis package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - In Xiph.Org libvorbis 1.3.5, an out-of-bounds array\n read vulnerability exists in the function\n mapping0_forward() in mapping0.c, which may lead to DoS\n when operating on a crafted audio file with\n vorbis_analysis().(CVE-2017-14633)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-03-02T00:00:00", "id": "EULEROS_SA-2019-2622.NASL", "href": "https://www.tenable.com/plugins/nessus/132157", "published": "2019-12-18T00:00:00", "title": "EulerOS 2.0 SP3 : libvorbis (EulerOS-SA-2019-2622)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132157);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/20\");\n\n script_cve_id(\n \"CVE-2017-14633\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : libvorbis (EulerOS-SA-2019-2622)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libvorbis package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - In Xiph.Org libvorbis 1.3.5, an out-of-bounds array\n read vulnerability exists in the function\n mapping0_forward() in mapping0.c, which may lead to DoS\n when operating on a crafted audio file with\n vorbis_analysis().(CVE-2017-14633)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2622\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fc93f57c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libvorbis package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvorbis\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nflag = 0;\n\npkgs = [\"libvorbis-1.3.3-8.h3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvorbis\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T22:58:32", "bulletinFamily": "scanner", "description": "Two issues have been found in libvorbis, a decoder library for Vorbis\nGeneral Audio Compression Codec.\n\n2017-14633\n\nIn Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability\nexists in the function mapping0_forward() in mapping0.c, which may\nlead to DoS when operating on a crafted audio file with\nvorbis_analysis().\n\n2017-11333\n\nThe vorbis_analysis_wrote function in lib/block.c in Xiph.Org\nlibvorbis 1.3.5 allows remote attackers to cause a denial of service\n(OOM) via a crafted wav file.\n\nFor Debian 8 ", "modified": "2020-03-02T00:00:00", "id": "DEBIAN_DLA-2039.NASL", "href": "https://www.tenable.com/plugins/nessus/132106", "published": "2019-12-18T00:00:00", "title": "Debian DLA-2039-1 : libvorbis security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2039-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132106);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/20\");\n\n script_cve_id(\"CVE-2017-11333\", \"CVE-2017-14633\");\n\n script_name(english:\"Debian DLA-2039-1 : libvorbis security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two issues have been found in libvorbis, a decoder library for Vorbis\nGeneral Audio Compression Codec.\n\n2017-14633\n\nIn Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability\nexists in the function mapping0_forward() in mapping0.c, which may\nlead to DoS when operating on a crafted audio file with\nvorbis_analysis().\n\n2017-11333\n\nThe vorbis_analysis_wrote function in lib/block.c in Xiph.Org\nlibvorbis 1.3.5 allows remote attackers to cause a denial of service\n(OOM) via a crafted wav file.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1.3.4-2+deb8u3.\n\nWe recommend that you upgrade your libvorbis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/12/msg00021.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libvorbis\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvorbis-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvorbis-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvorbis0a\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvorbisenc2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvorbisfile3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libvorbis-dbg\", reference:\"1.3.4-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libvorbis-dev\", reference:\"1.3.4-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libvorbis0a\", reference:\"1.3.4-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libvorbisenc2\", reference:\"1.3.4-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libvorbisfile3\", reference:\"1.3.4-2+deb8u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T22:37:12", "bulletinFamily": "scanner", "description": "According to the versions of the libvorbis package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In Xiph.Org libvorbis 1.3.5, an out-of-bounds array\n read vulnerability exists in the function\n mapping0_forward() in mapping0.c, which may lead to DoS\n when operating on a crafted audio file with\n vorbis_analysis().(CVE-2017-14633)\n\n - Xiph.Org libvorbis 1.3.5 allows Remote Code Execution\n upon freeing uninitialized memory in the function\n vorbis_analysis_headerout() in info.c when\n vi->channels<=0, a similar issue to Mozilla bug\n 550184.(CVE-2017-14632)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-03-02T00:00:00", "id": "EULEROS_SA-2019-2502.NASL", "href": "https://www.tenable.com/plugins/nessus/131655", "published": "2019-12-04T00:00:00", "title": "EulerOS 2.0 SP2 : libvorbis (EulerOS-SA-2019-2502)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131655);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/09\");\n\n script_cve_id(\n \"CVE-2017-14632\",\n \"CVE-2017-14633\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : libvorbis (EulerOS-SA-2019-2502)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libvorbis package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In Xiph.Org libvorbis 1.3.5, an out-of-bounds array\n read vulnerability exists in the function\n mapping0_forward() in mapping0.c, which may lead to DoS\n when operating on a crafted audio file with\n vorbis_analysis().(CVE-2017-14633)\n\n - Xiph.Org libvorbis 1.3.5 allows Remote Code Execution\n upon freeing uninitialized memory in the function\n vorbis_analysis_headerout() in info.c when\n vi->channels<=0, a similar issue to Mozilla bug\n 550184.(CVE-2017-14632)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2502\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6efabd85\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libvorbis packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvorbis\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nflag = 0;\n\npkgs = [\"libvorbis-1.3.3-8.h3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvorbis\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-18T01:32:17", "bulletinFamily": "scanner", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rsyslog packages installed that are affected\nby a vulnerability:\n\n - Stack-based buffer overflow in the parseLegacySyslogMsg\n function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x\n before 4.6.8 and 5.2.0 through 5.8.4 might allow remote\n attackers to cause a denial of service (application\n exit) via a long TAG in a legacy syslog message.\n (CVE-2011-3200)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application", "modified": "2020-03-02T00:00:00", "id": "NEWSTART_CGSL_NS-SA-2019-0225_RSYSLOG.NASL", "href": "https://www.tenable.com/plugins/nessus/131408", "published": "2019-12-02T00:00:00", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : rsyslog Vulnerability (NS-SA-2019-0225)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0225. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131408);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2011-3200\");\n script_bugtraq_id(49413);\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : rsyslog Vulnerability (NS-SA-2019-0225)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rsyslog packages installed that are affected\nby a vulnerability:\n\n - Stack-based buffer overflow in the parseLegacySyslogMsg\n function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x\n before 4.6.8 and 5.2.0 through 5.8.4 might allow remote\n attackers to cause a denial of service (application\n exit) via a long TAG in a legacy syslog message.\n (CVE-2011-3200)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0225\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL rsyslog packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3200\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"rsyslog-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-crypto-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-debuginfo-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-doc-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-elasticsearch-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-gnutls-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-gssapi-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-kafka-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-libdbi-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-mmaudit-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-mmjsonparse-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-mmkubernetes-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-mmnormalize-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-mmsnmptrapd-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-mysql-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-pgsql-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-relp-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-snmp-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-udpspoof-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\"\n ],\n \"CGSL MAIN 5.04\": [\n \"rsyslog-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-crypto-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-debuginfo-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-doc-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-elasticsearch-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-gnutls-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-gssapi-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-kafka-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-libdbi-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-mmaudit-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-mmjsonparse-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-mmkubernetes-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-mmnormalize-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-mmsnmptrapd-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-mysql-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-pgsql-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-relp-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-snmp-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\",\n \"rsyslog-udpspoof-8.24.0-41.el7_7.2.cgslv5.0.2.g75fe685\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rsyslog\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T22:35:53", "bulletinFamily": "scanner", "description": "According to the version of the udisks2 packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - UDisks 2.8.0 has a format string vulnerability in\n udisks_log in udiskslogging.c, allowing attackers to\n obtain sensitive information (stack contents), cause a\n denial of service (memory corruption), or possibly have\n unspecified other impact via a malformed filesystem\n label, as demonstrated by %d or %n\n substrings.(CVE-2018-17336)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-03-02T00:00:00", "id": "EULEROS_SA-2019-2193.NASL", "href": "https://www.tenable.com/plugins/nessus/130655", "published": "2019-11-08T00:00:00", "title": "EulerOS 2.0 SP5 : udisks2 (EulerOS-SA-2019-2193)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130655);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/12\");\n\n script_cve_id(\n \"CVE-2018-17336\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : udisks2 (EulerOS-SA-2019-2193)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the udisks2 packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - UDisks 2.8.0 has a format string vulnerability in\n udisks_log in udiskslogging.c, allowing attackers to\n obtain sensitive information (stack contents), cause a\n denial of service (memory corruption), or possibly have\n unspecified other impact via a malformed filesystem\n label, as demonstrated by %d or %n\n substrings.(CVE-2018-17336)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2193\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?394d82d8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected udisks2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libudisks2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:udisks2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nflag = 0;\n\npkgs = [\"libudisks2-2.7.3-6.h1.eulerosv2r7\",\n \"udisks2-2.7.3-6.h1.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"udisks2\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}]}