DATABASE RESOURCES PRICING ABOUT US

{"id": "VMWARE_ESXI_5_0_BUILD_912577_REMOTE.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "ESXi 5.0 < Build 912577 Multiple Vulnerabilities (remote check)", "description": "The remote VMware ESXi 5.0 host is affected by Multiple Vulnerabilities :\n\n - An integer overflow condition exists in the\n __tzfile_read() function in the glibc library. An unauthenticated, remote attacker can exploit this, via a crafted timezone (TZ) file, to cause a denial of service or the execution of arbitrary code.\n (CVE-2009-5029)\n\n - ldd in the glibc library is affected by a privilege escalation vulnerability due to the omission of certain LD_TRACE_LOADED_OBJECTS checks in a crafted executable file. Note that this vulnerability is disputed by the library vendor. (CVE-2009-5064)\n\n - A remote code execution vulnerability exists in the glibc library due to an integer signedness error in the elf_get_dynamic_info() function when the '--verify' option is used. A remote attacker can exploit this by using a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.\n (CVE-2010-0830)\n\n - A flaw exists in OpenSSL due to a failure to properly prevent modification of the ciphersuite in the session cache when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled. A remote attacker can exploit this to force a downgrade to an unintended cipher by intercepting the network traffic to discover a session identifier.\n (CVE-2010-4180)\n\n - A flaw exists in OpenSSL due to a failure to properly validate the public parameters in the J-PAKE protocol when J-PAKE is enabled. A remote attacker can exploit this, by sending crafted values in each round of the protocol, to bypass the need for knowledge of the shared secret. (CVE-2010-4252)\n\n - A out-of-bounds memory error exists in OpenSSL that allows a remote attacker to cause a denial of service or possibly obtain sensitive information by using a malformed ClientHello handshake message. This is also known as the 'OCSP stapling vulnerability'.\n (CVE-2011-0014)\n\n - A flaw exists in the addmntent() function in the glibc library due to a failure to report the error status for failed attempts to write to the /etc/mtab file. A local attacker can exploit this to corrupt the file by using writes from a process with a small RLIMIT_FSIZE value.\n (CVE-2011-1089)\n\n - A flaw exists in the png_set_text_2() function in the file pngset.c in the libpng library due to a failure to properly allocate memory. An unauthenticated, remote attacker can exploit this, via a crafted text chunk in a PNG image file, to trigger a heap-based buffer overflow, resulting in denial of service or the execution of arbitrary code. (CVE-2011-3048)\n\n - A flaw exists in the DTLS implementation in OpenSSL due to performing a MAC check only if certain padding is valid. A remote attacker can exploit this, via a padding oracle attack, to recover the plaintext. (CVE-2011-4108)\n\n - A double-free error exists in OpenSSL when the X509_V_FLAG_POLICY_CHECK is enabled. A remote attacker can exploit this by triggering a policy check failure, resulting in an unspecified impact. (CVE-2011-4109)\n\n - A flaw exists in OpenSSL in the SSL 3.0 implementation due to improper initialization of data structures used for block cipher padding. A remote attacker can exploit this, by decrypting the padding data sent by an SSL peer, to obtain sensitive information. (CVE-2011-4576)\n\n - A denial of service vulnerability exists in OpenSSL when RFC 3779 support is enabled. A remote attacker can exploit this to cause an assertion failure, by using an X.509 certificate containing certificate extension data associated with IP address blocks or Autonomous System (AS) identifiers. (CVE-2011-4577)\n\n - A denial of service vulnerability exists in the RPC implementation in the glibc library due to a flaw in the svc_run() function. A remote attacker can exploit this, via large number of RPC connections, to exhaust CPU resources. (CVE-2011-4609)\n\n - A denial of service vulnerability exists in the Server Gated Cryptography (SGC) implementation in OpenSSL due to a failure to properly handle handshake restarts. A remote attacker can exploit this, via unspecified vectors, to exhaust CPU resources. (CVE-2011-4619)\n\n - A denial of service vulnerability exists in OpenSSL due to improper support of DTLS applications. A remote attacker can exploit this, via unspecified vectors related to an out-of-bounds read error. Note that this vulnerability exists because of an incorrect fix for CVE-2011-4108. (CVE-2012-0050)\n\n - A security bypass vulnerability exists in the glibc library due to an integer overflow condition in the vfprintf() function in file stdio-common/vfprintf.c. An attacker can exploit this, by using a large number of arguments, to bypass the FORTIFY_SOURCE protection mechanism, allowing format string attacks or writing to arbitrary memory. (CVE-2012-0864)\n\n - A denial of service vulnerability exists in the glibc library in the vfprintf() function in file stdio-common/vfprintf.c due to a failure to properly calculate a buffer length. An attacker can exploit this, via a format string that uses positional parameters and many format specifiers, to bypass the FORTIFY_SOURCE format-string protection mechanism, thus causing stack corruption and a crash. (CVE-2012-3404)\n\n - A denial of service vulnerability exists in the glibc library in the vfprintf() function in file stdio-common/vfprintf.c due to a failure to properly calculate a buffer length. An attacker can exploit this, via a format string with a large number of format specifiers, to bypass the FORTIFY_SOURCE format-string protection mechanism, thus triggering desynchronization within the buffer size handling, resulting in a segmentation fault and crash. (CVE-2012-3405)\n\n - A flaw exists in the glibc library in the vfprintf() function in file stdio-common/vfprintf.c due to a failure to properly restrict the use of the alloca() function when allocating the SPECS array. An attacker can exploit this, via a crafted format string using positional parameters and a large number of format specifiers, to bypass the FORTIFY_SOURCE format-string protection mechanism, thus triggering a denial of service or the possible execution of arbitrary code.\n (CVE-2012-3406)\n\n - A flaw exists in the glibc library due to multiple integer overflow conditions in the strtod(), strtof(), strtold(), strtod_l(), and other unspecified related functions. A local attacker can exploit these to trigger a stack-based buffer overflow, resulting in an application crash or the possible execution of arbitrary code. (CVE-2012-3480)\n\n - A privilege escalation vulnerability exists in the Virtual Machine Communication Interface (VMCI) due to a failure by control code to properly restrict memory allocation. A local attacker can exploit this, via unspecified vectors, to gain privileges. (CVE-2013-1406)\n\n - An error exists in the implementation of the Network File Copy (NFC) protocol. A man-in-the-middle attacker can exploit this, by modifying the client-server data stream, to cause a denial of service or the execution of arbitrary code. (CVE-2013-1659)", "published": "2013-11-13T00:00:00", "modified": "2018-11-15T00:00:00", "epss": [{"cve": "CVE-2009-5029", "epss": 0.00838, "percentile": 0.80089, "modified": "2023-12-06"}, {"cve": "CVE-2009-5064", "epss": 0.00044, "percentile": 0.08192, "modified": "2023-12-06"}, {"cve": "CVE-2010-0830", "epss": 0.1119, "percentile": 0.94612, "modified": "2023-12-06"}, {"cve": "CVE-2010-4180", "epss": 0.0226, "percentile": 0.88385, "modified": "2023-12-06"}, {"cve": "CVE-2010-4252", "epss": 0.0302, "percentile": 0.89857, "modified": "2023-12-06"}, {"cve": "CVE-2011-0014", "epss": 0.10337, "percentile": 0.94394, "modified": "2023-12-06"}, {"cve": "CVE-2011-1089", "epss": 0.00044, "percentile": 0.08192, "modified": "2023-12-06"}, {"cve": "CVE-2011-3048", "epss": 0.05624, "percentile": 0.92481, "modified": "2023-12-06"}, {"cve": "CVE-2011-4108", "epss": 0.00485, "percentile": 0.73257, "modified": "2023-12-06"}, {"cve": "CVE-2011-4109", "epss": 0.03839, "percentile": 0.90927, "modified": "2023-12-06"}, {"cve": "CVE-2011-4576", "epss": 0.00885, "percentile": 0.80631, "modified": "2023-12-06"}, {"cve": "CVE-2011-4577", "epss": 0.10637, "percentile": 0.94485, "modified": "2023-12-06"}, {"cve": "CVE-2011-4609", "epss": 0.00296, "percentile": 0.65903, "modified": "2023-12-06"}, {"cve": "CVE-2011-4619", "epss": 0.2335, "percentile": 0.96076, "modified": "2023-12-06"}, {"cve": "CVE-2012-0050", "epss": 0.14494, "percentile": 0.95195, "modified": "2023-12-06"}, {"cve": "CVE-2012-0864", "epss": 0.01296, "percentile": 0.84279, "modified": "2023-12-06"}, {"cve": "CVE-2012-3404", "epss": 0.01556, "percentile": 0.85728, "modified": "2023-12-06"}, {"cve": "CVE-2012-3405", "epss": 0.01065, "percentile": 0.82444, "modified": "2023-12-06"}, {"cve": "CVE-2012-3406", "epss": 0.00324, "percentile": 0.67404, "modified": "2023-12-06"}, {"cve": "CVE-2012-3480", "epss": 0.00044, "percentile": 0.1071, "modified": "2023-12-06"}, {"cve": "CVE-2013-1406", "epss": 0.00062, "percentile": 0.24987, "modified": "2023-12-06"}, {"cve": "CVE-2013-1659", "epss": 0.00107, "percentile": 0.42861, "modified": "2023-12-06"}], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/70885", "reporter": "This script is (C) 2013-2018 Tenable Network Security, Inc.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1406", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4619", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0830", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1089", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1659", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4576", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4252", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4609", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4108", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048", "https://www.vmware.com/security/advisories/VMSA-2012-0018.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0050", "http://www.nessus.org/u?3b1468ad", "https://www.vmware.com/security/advisories/VMSA-2013-0003.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029", "http://www.vmware.com/security/advisories/VMSA-2012-0013.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3404", "http://www.nessus.org/u?050fd795", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5064", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0864", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3405", "http://www.vmware.com/security/advisories/VMSA-2013-0002.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4577", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3406", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4109", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3480"], "cvelist": ["CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0830", "CVE-2010-4180", "CVE-2010-4252", "CVE-2011-0014", "CVE-2011-1089", "CVE-2011-3048", "CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4609", "CVE-2011-4619", "CVE-2012-0050", "CVE-2012-0864", "CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406", "CVE-2012-3480", "CVE-2013-1406", "CVE-2013-1659"], "immutableFields": [], "lastseen": "2023-12-08T15:21:59", "viewCount": 83, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY3.ASC"]}, {"type": "altlinux", "idList": ["1774E2E5994152CAFE3CD362AA5487DA", "1F87EA39F54523531F7738F660320FFA", "2A8A0204788F76775AB3E16B17AE4DC9", "48F9740A55C89464383845847750BAD8", "5013499411AA87A07921EFB0542B09B7", "55488380FAF31F5EF6F8F77EF0A33A95", "56C6D4537874796CFF954D534E7FB4F4", "582C12331046634BC2865453A8AC8A75", "6836FADF5E0503EDE4B6A9296A0DE06A", "6BA9C0995A58B66D3732DDCA9797CF05", "710AF3263715899BB75F9523B9F210E7", "8C42DDEBB5F86A2F6B072919F0D50263", "9A4008E9262FAF9AAC4755C4E42AB2C0", "A882CDD06FADCFDBBEC16CED49B0FB67", "D4E928F46B1CD0911D29FF9462472C4D", "D73561C8FAF02AE9ECC6DFA8247B7568"]}, {"type": "amazon", "idList": ["ALAS-2012-038", "ALAS-2012-039", "ALAS-2012-057", "ALAS-2012-068", "ALAS-2012-109", "ALAS-2012-120"]}, {"type": "archlinux", "idList": ["ASA-201412-21"]}, {"type": "attackerkb", "idList": ["AKB:B431AD41-A07D-43BD-92AA-45B45A210EEF"]}, {"type": "centos", "idList": ["CESA-2010:0977", "CESA-2010:0978", "CESA-2012:0058", "CESA-2012:0059", "CESA-2012:0060", "CESA-2012:0086", "CESA-2012:0125", "CESA-2012:0126", "CESA-2012:0393", "CESA-2012:0397", "CESA-2012:0426", "CESA-2012:0523", "CESA-2012:1097", "CESA-2012:1098", "CESA-2012:1207", "CESA-2012:1208"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "cve", "idList": ["CVE-2008-7270", "CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0830", "CVE-2010-4180", "CVE-2010-4252", "CVE-2010-4478", "CVE-2011-0014", "CVE-2011-1089", "CVE-2011-1675", "CVE-2011-1678", "CVE-2011-1679", "CVE-2011-1681", "CVE-2011-1749", "CVE-2011-3048", "CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4609", "CVE-2011-4619", "CVE-2012-0050", "CVE-2012-0390", "CVE-2012-0864", "CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406", "CVE-2012-3480", "CVE-2013-1406", "CVE-2013-1659"]}, {"type": "debian", "idList": ["DEBIAN:BSA-060:0BDFE", "DEBIAN:DLA-165-1:23BFE", "DEBIAN:DSA-2058-1:E81DD", "DEBIAN:DSA-2058-1:F253E", "DEBIAN:DSA-2141-1:1F9CB", "DEBIAN:DSA-2141-1:4DDA2", "DEBIAN:DSA-2162-1:98AFD", "DEBIAN:DSA-2390-1:7F77A", "DEBIAN:DSA-2392-1:5DB15", "DEBIAN:DSA-2446-1:F32BA", "DEBIAN:DSA-2454-1:93836", "DEBIAN:DSA-3169-1:C9823"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2008-7270", "DEBIANCVE:CVE-2009-5029", "DEBIANCVE:CVE-2009-5064", "DEBIANCVE:CVE-2010-0830", "DEBIANCVE:CVE-2010-4180", "DEBIANCVE:CVE-2010-4252", "DEBIANCVE:CVE-2010-4478", "DEBIANCVE:CVE-2011-0014", "DEBIANCVE:CVE-2011-1089", "DEBIANCVE:CVE-2011-1675", "DEBIANCVE:CVE-2011-1678", "DEBIANCVE:CVE-2011-1681", "DEBIANCVE:CVE-2011-1749", "DEBIANCVE:CVE-2011-4108", "DEBIANCVE:CVE-2011-4109", "DEBIANCVE:CVE-2011-4576", "DEBIANCVE:CVE-2011-4577", "DEBIANCVE:CVE-2011-4619", "DEBIANCVE:CVE-2012-0050", "DEBIANCVE:CVE-2012-0390", "DEBIANCVE:CVE-2012-3404", "DEBIANCVE:CVE-2012-3405", "DEBIANCVE:CVE-2012-3406", "DEBIANCVE:CVE-2012-3480"]}, {"type": "exploitdb", "idList": ["EDB-ID:25134", "EDB-ID:40164"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B34E098CEA8158FE7100D818B9060916", "EXPLOITPACK:D0C0ABEBB66F120575911D213A03B73B"]}, {"type": "f5", "idList": ["F5:K10534046", "F5:K12543", "F5:K12853", "F5:K15314", "F5:K15881", "F5:K17382", "SOL12543", "SOL12853", "SOL15314", "SOL15388", "SOL15389", "SOL15417", "SOL15460", "SOL15461", "SOL15881", "SOL16364", "SOL17382"]}, {"type": "fedora", "idList": ["FEDORA:0BE1D21246", "FEDORA:144BA1104EC", "FEDORA:31EC22125A", "FEDORA:340B120DED", "FEDORA:3722721573", "FEDORA:3B5602179E", "FEDORA:40D5120B25", "FEDORA:4B73A20DD6", "FEDORA:564D5110A27", "FEDORA:5CD8320BD3", "FEDORA:5EC1E20BC3", "FEDORA:6B3FC110D28", "FEDORA:71D9321EDD", "FEDORA:7635A20E7B", "FEDORA:7C53320C61", "FEDORA:8AEFA20B4E", "FEDORA:8ED3020FF6", "FEDORA:9750E2076D", "FEDORA:9DFF1E720F", "FEDORA:A271421BA0", "FEDORA:A7A8121248", "FEDORA:A89A021670", "FEDORA:AA6CF2159C", "FEDORA:B31D6110781", "FEDORA:C411B20546", "FEDORA:C42A8110D0A", "FEDORA:C8F7F110906", "FEDORA:C9F3119737F", "FEDORA:D560A20FC7", "FEDORA:D91FC208AA", "FEDORA:D9C0A2139E", "FEDORA:DB3B827061", "FEDORA:DBB0F21109", "FEDORA:E45E721D15", "FEDORA:EDD1B2141A"]}, {"type": "freebsd", "idList": ["262B92FE-81C8-11E1-8899-001EC9578670", "2AE114DE-C064-11E1-B5E0-000C299B62E1", "5C5F19CE-43AF-11E1-89B4-001EC9578670", "78CC8A46-3E56-11E1-89B4-001EC9578670"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-12:01.OPENSSL"]}, {"type": "gentoo", "idList": ["GLSA-201011-01", "GLSA-201110-01", "GLSA-201203-12", "GLSA-201206-15", "GLSA-201312-01", "GLSA-201503-04"]}, {"type": "ibm", "idList": ["1DC0A9C6D3EFE4EEA571DAAA9286B8F974D5ECF8F3BAAA188781D697B6DC2546", "231E423B28752DD6263DBEC8D8F06E8A6EC0C4DA14543D958731A02C8193E5EE", "27B62FE6F75F2FDC77F417B2E4F70DB2ACC8E40CF9E9E25340B88A272207CE07", "306F0F5B9EBAA5A123DBEA7D5C32E94515078239AFA1D40465B7275E07FFDD37", "583215B42F049307CBBCA8930CB40F87016DA7B011EFC8B5B01AB18DCA1B1F3E", "62D94E8C3A8EC6CD385928958A895F618F48E7DC4CFB2774DDB06F9B648FAC29", "85A5E5E5D0EA9EC5EEAE24FCB0F1DA68DC3900D8FF5F2B93C2E587EB0973AC71", "8A850F68BD149B3067B0797B42467FB57DD5C63D8F82368476874FEE25B2084C", "8F73A6D9460746098942CDD034332E627DD5C59C903F65333D90F95100657ED8", "9565FEEA0E13F1CACE459E1DD36D5E9CAB4712E2148193C52D850073C5948478", "B8CDE2E20BC16C41FC85BA2A86684E11CDAD295FBFA9F508C045F715A67AC321", "D4768A7ECBA4296B32D6C1E061712EF612CAC1825A991C20C25C9BA6ED17797E", "E0A58ED8F9D2EAC5F3D7B7629F5373292F4D9CAE0E0ACB4EFB9DF940BFA17EC8", "E718305B80885810F902CE850143D8E41B3321E883AB24867E49DDC4822F4153"]}, {"type": "kitploit", "idList": ["KITPLOIT:6228086289371789135"]}, {"type": "lenovo", "idList": ["LENOVO:PS500190-INTEL-PROSETWIRELESS-WIFI-SOFTWARE-VULNERABILITIES-NOSID", "LENOVO:PS500190-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2015-0013"]}, {"type": "msvr", "idList": ["MSVR13-003"]}, {"type": "nessus", "idList": ["6129.PRM", "6288.PRM", "6589.PRM", "801054.PRM", "801059.PRM", "AIX_OPENSSL_ADVISORY2.NASL", "AIX_OPENSSL_ADVISORY3.NASL", "ALA_ALAS-2012-109.NASL", "ALA_ALAS-2012-120.NASL", "ALA_ALAS-2012-38.NASL", "ALA_ALAS-2012-39.NASL", "ALA_ALAS-2012-57.NASL", "ALA_ALAS-2012-68.NASL", "APPLETV_5_1.NASL", "APPLE_IOS_60_CHECK.NBIN", "CENTOS_RHSA-2010-0977.NASL", "CENTOS_RHSA-2010-0978.NASL", "CENTOS_RHSA-2012-0058.NASL", "CENTOS_RHSA-2012-0059.NASL", "CENTOS_RHSA-2012-0060.NASL", "CENTOS_RHSA-2012-0086.NASL", "CENTOS_RHSA-2012-0125.NASL", "CENTOS_RHSA-2012-0126.NASL", "CENTOS_RHSA-2012-0393.NASL", "CENTOS_RHSA-2012-0397.NASL", "CENTOS_RHSA-2012-0426.NASL", "CENTOS_RHSA-2012-0523.NASL", "CENTOS_RHSA-2012-1097.NASL", "CENTOS_RHSA-2012-1098.NASL", "CENTOS_RHSA-2012-1207.NASL", "CENTOS_RHSA-2012-1208.NASL", "DEBIAN_DLA-165.NASL", "DEBIAN_DSA-2058.NASL", "DEBIAN_DSA-2141.NASL", "DEBIAN_DSA-2162.NASL", "DEBIAN_DSA-2390.NASL", "DEBIAN_DSA-2392.NASL", "DEBIAN_DSA-2446.NASL", "DEBIAN_DSA-2454.NASL", "DEBIAN_DSA-3169.NASL", "EULEROS_SA-2019-1421.NASL", "EULEROS_SA-2019-1547.NASL", "EULEROS_SA-2019-1548.NASL", "EULEROS_SA-2020-1637.NASL", "F5_BIGIP_SOL15388.NASL", "F5_BIGIP_SOL15461.NASL", "F5_BIGIP_SOL15881.NASL", "F5_BIGIP_SOL16364.NASL", "F5_BIGIP_SOL17382.NASL", "FEDORA_2010-18736.NASL", "FEDORA_2010-18765.NASL", "FEDORA_2011-1255.NASL", "FEDORA_2011-1273.NASL", "FEDORA_2011-5865.NASL", "FEDORA_2011-5876.NASL", "FEDORA_2011-5878.NASL", "FEDORA_2012-0018.NASL", "FEDORA_2012-0232.NASL", "FEDORA_2012-0250.NASL", "FEDORA_2012-0702.NASL", "FEDORA_2012-0708.NASL", "FEDORA_2012-11508.NASL", "FEDORA_2012-11927.NASL", "FEDORA_2012-11928.NASL", "FEDORA_2012-11963.NASL", "FEDORA_2012-18035.NASL", "FEDORA_2012-2123.NASL", "FEDORA_2012-2144.NASL", "FEDORA_2012-2162.NASL", "FEDORA_2012-4902.NASL", "FEDORA_2012-5079.NASL", "FEDORA_2012-5080.NASL", "FEDORA_2012-5515.NASL", "FEDORA_2012-5518.NASL", "FEDORA_2012-5526.NASL", "FREEBSD_PKG_262B92FE81C811E18899001EC9578670.NASL", "FREEBSD_PKG_2AE114DEC06411E1B5E0000C299B62E1.NASL", "FREEBSD_PKG_5C5F19CE43AF11E189B4001EC9578670.NASL", "FREEBSD_PKG_78CC8A463E5611E189B4001EC9578670.NASL", "GENTOO_GLSA-201011-01.NASL", "GENTOO_GLSA-201110-01.NASL", "GENTOO_GLSA-201203-12.NASL", "GENTOO_GLSA-201206-15.NASL", "GENTOO_GLSA-201312-01.NASL", "GENTOO_GLSA-201503-04.NASL", "HPSMH_7_0_0_24.NASL", "HPSMH_7_1_1_1.NASL", "JUNIPER_SBR_MULTIPLE.NASL", "JUNIPER_SPACE_JSA10659.NASL", "MACOSX_10_6_8.NASL", "MACOSX_10_7_5.NASL", "MACOSX_10_8_4.NASL", "MACOSX_FUSION_5_0_2.NASL", "MACOSX_SECUPD2012-004.NASL", "MACOSX_SECUPD2013-002.NASL", "MANDRIVA_MDVSA-2010-111.NASL", "MANDRIVA_MDVSA-2010-112.NASL", "MANDRIVA_MDVSA-2010-248.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "MANDRIVA_MDVSA-2011-148.NASL", "MANDRIVA_MDVSA-2011-178.NASL", "MANDRIVA_MDVSA-2011-179.NASL", "MANDRIVA_MDVSA-2012-006.NASL", "MANDRIVA_MDVSA-2012-007.NASL", "MANDRIVA_MDVSA-2012-011.NASL", "MANDRIVA_MDVSA-2012-046.NASL", "MANDRIVA_MDVSA-2012-083.NASL", "MANDRIVA_MDVSA-2012-084.NASL", "MANDRIVA_MDVSA-2013-048.NASL", "MANDRIVA_MDVSA-2015-168.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "OPENSSL_0_9_8S.NASL", "OPENSSL_0_9_8T.NASL", "OPENSSL_0_9_8U.NASL", "OPENSSL_1_0_0C.NASL", "OPENSSL_1_0_0D.NASL", "OPENSSL_1_0_0F.NASL", "OPENSSL_1_0_0G.NASL", "OPENSSL_1_0_0H.NASL", "OPENSSL_RESUME_DIFFERENT_CIPHER.NASL", "OPENSUSE-2012-217.NASL", "OPENSUSE-2012-32.NASL", "OPENSUSE-2012-52.NASL", "OPENSUSE-2012-76.NASL", "OPENSUSE-2012-99.NASL", "OPENSUSE-2013-153.NASL", "ORACLELINUX_ELSA-2010-0977.NASL", "ORACLELINUX_ELSA-2010-0978.NASL", "ORACLELINUX_ELSA-2010-0979.NASL", "ORACLELINUX_ELSA-2011-0677.NASL", "ORACLELINUX_ELSA-2011-1526.NASL", "ORACLELINUX_ELSA-2011-1534.NASL", "ORACLELINUX_ELSA-2011-1691.NASL", "ORACLELINUX_ELSA-2012-0058.NASL", "ORACLELINUX_ELSA-2012-0059.NASL", "ORACLELINUX_ELSA-2012-0060.NASL", "ORACLELINUX_ELSA-2012-0086.NASL", "ORACLELINUX_ELSA-2012-0125.NASL", "ORACLELINUX_ELSA-2012-0126.NASL", "ORACLELINUX_ELSA-2012-0393.NASL", "ORACLELINUX_ELSA-2012-0397.NASL", "ORACLELINUX_ELSA-2012-0426.NASL", "ORACLELINUX_ELSA-2012-0523.NASL", "ORACLELINUX_ELSA-2012-1097.NASL", "ORACLELINUX_ELSA-2012-1098.NASL", "ORACLELINUX_ELSA-2012-1207.NASL", "ORACLELINUX_ELSA-2012-1208.NASL", "ORACLEVM_OVMSA-2014-0007.NASL", "ORACLEVM_OVMSA-2014-0008.NASL", "ORACLEVM_OVMSA-2015-0023.NASL", "REDHAT-RHSA-2010-0977.NASL", "REDHAT-RHSA-2010-0978.NASL", "REDHAT-RHSA-2010-0979.NASL", "REDHAT-RHSA-2011-0677.NASL", "REDHAT-RHSA-2011-1526.NASL", "REDHAT-RHSA-2012-0058.NASL", "REDHAT-RHSA-2012-0059.NASL", "REDHAT-RHSA-2012-0060.NASL", "REDHAT-RHSA-2012-0086.NASL", "REDHAT-RHSA-2012-0109.NASL", "REDHAT-RHSA-2012-0125.NASL", "REDHAT-RHSA-2012-0126.NASL", "REDHAT-RHSA-2012-0168.NASL", "REDHAT-RHSA-2012-0393.NASL", "REDHAT-RHSA-2012-0397.NASL", "REDHAT-RHSA-2012-0426.NASL", "REDHAT-RHSA-2012-0488.NASL", "REDHAT-RHSA-2012-0523.NASL", "REDHAT-RHSA-2012-0531.NASL", "REDHAT-RHSA-2012-1097.NASL", "REDHAT-RHSA-2012-1098.NASL", "REDHAT-RHSA-2012-1185.NASL", "REDHAT-RHSA-2012-1200.NASL", "REDHAT-RHSA-2012-1207.NASL", "REDHAT-RHSA-2012-1208.NASL", "REDHAT-RHSA-2012-1262.NASL", "REDHAT-RHSA-2012-1325.NASL", "SLACKWARE_SSA_2010-340-01.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "SLACKWARE_SSA_2012-041-03.NASL", "SLACKWARE_SSA_2012-206-01.NASL", "SLACKWARE_SSA_2012-244-01.NASL", "SL_20101213_OPENSSL_ON_SL4_X.NASL", "SL_20101213_OPENSSL_ON_SL6_X.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL", "SL_20111206_GLIBC_ON_SL6_X.NASL", "SL_20120124_GLIBC_ON_SL6_X.NASL", "SL_20120124_OPENSSL_ON_SL5_X.NASL", "SL_20120124_OPENSSL_ON_SL6_X.NASL", "SL_20120201_OPENSSL_ON_SL4_X.NASL", "SL_20120213_GLIBC_ON_SL4_X.NASL", "SL_20120213_GLIBC_ON_SL5_X.NASL", "SL_20120315_GLIBC_ON_SL6_X.NASL", "SL_20120319_GLIBC_ON_SL5_X.NASL", "SL_20120327_OPENSSL_ON_SL5_X.NASL", "SL_20120425_LIBPNG_ON_SL5_X.NASL", "SL_20120718_GLIBC_ON_SL5_X.NASL", "SL_20120718_GLIBC_ON_SL6_X.NASL", "SL_20120827_GLIBC_ON_SL5_X.NASL", "SL_20120827_GLIBC_ON_SL6_X.NASL", "SOLARIS10_146857-01.NASL", "SOLARIS10_X86_146859-01.NASL", "SOLARIS11_LIBPNG_20130313.NASL", "SOLARIS11_OPENSSL_20120404.NASL", "SUSE9_12641.NASL", "SUSE9_12701.NASL", "SUSE_11_1_GLIBC-101026.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_11_2_GLIBC-101027.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "SUSE_11_3_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_3_GLIBC-111219.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_3_NCPFS-110824.NASL", "SUSE_11_4_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_4_CURL-120124.NASL", "SUSE_11_4_GLIBC-111219.NASL", "SUSE_11_4_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_4_LIBOPENSSL-DEVEL-120206.NASL", "SUSE_11_4_NCPFS-110824.NASL", "SUSE_11_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_GLIBC-100708.NASL", "SUSE_11_GLIBC-100709.NASL", "SUSE_11_GLIBC-101025.NASL", "SUSE_11_GLIBC-111219.NASL", "SUSE_11_GLIBC-121129.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "SUSE_11_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_LIBOPENSSL-DEVEL-120209.NASL", "SUSE_11_LIBPNG-DEVEL-120330.NASL", "SUSE_11_NCPFS-110824.NASL", "SUSE_COMPAT-OPENSSL097G-7644.NASL", "SUSE_COMPAT-OPENSSL097G-7645.NASL", "SUSE_GLIBC-7201.NASL", "SUSE_GLIBC-7896.NASL", "SUSE_GLIBC-8351.NASL", "SUSE_GLIBC-8387.NASL", "SUSE_LIBCURL4-8618.NASL", "SUSE_LIBPNG-8043.NASL", "SUSE_NCPFS-7710.NASL", "SUSE_NCPFS-7711.NASL", "SUSE_OPENSSL-7462.NASL", "SUSE_OPENSSL-7463.NASL", "SUSE_OPENSSL-7923.NASL", "SUSE_OPENSSL-7961.NASL", "SUSE_SU-2012-1488-1.NASL", "SUSE_SU-2012-1667-1.NASL", "SUSE_SU-2013-1251-1.NASL", "SUSE_SU-2013-1287-1.NASL", "UBUNTU_USN-1029-1.NASL", "UBUNTU_USN-1064-1.NASL", "UBUNTU_USN-1357-1.NASL", "UBUNTU_USN-1396-1.NASL", "UBUNTU_USN-1417-1.NASL", "UBUNTU_USN-1589-1.NASL", "UBUNTU_USN-1589-2.NASL", "UBUNTU_USN-944-1.NASL", "VMWARE_ESXI_5_1_BUILD_1063671_REMOTE.NASL", "VMWARE_ESXI_5_1_BUILD_911593_REMOTE.NASL", "VMWARE_ESX_VMSA-2013-0002_REMOTE.NASL", "VMWARE_ESX_VMSA-2013-0003_REMOTE.NASL", "VMWARE_VCENTER_VMSA-2013-0003.NASL", "VMWARE_VIEW_PRIV_ESC_VMSA_2013_0002.NASL", "VMWARE_VMSA-2011-0013.NASL", "VMWARE_VMSA-2011-0013_REMOTE.NASL", "VMWARE_VMSA-2012-0013.NASL", "VMWARE_VMSA-2012-0013_REMOTE.NASL", "VMWARE_VMSA-2012-0018.NASL", "VMWARE_VMSA-2013-0002.NASL", "VMWARE_VMSA-2013-0003.NASL", "VMWARE_WORKSTATION_PRIV_ESC_VMSA_2013_0002.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4180", "OPENSSL:CVE-2010-4252", "OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2011-4108", "OPENSSL:CVE-2011-4109", "OPENSSL:CVE-2011-4576", "OPENSSL:CVE-2011-4577", "OPENSSL:CVE-2011-4619", "OPENSSL:CVE-2012-0050"]}, {"type": "openvas", "idList": ["OPENVAS:103451", "OPENVAS:103558", "OPENVAS:103627", "OPENVAS:103662", "OPENVAS:103672", "OPENVAS:103849", "OPENVAS:103874", "OPENVAS:1361412562310103394", "OPENVAS:1361412562310103451", "OPENVAS:1361412562310103558", "OPENVAS:1361412562310103627", "OPENVAS:1361412562310103662", "OPENVAS:1361412562310103672", "OPENVAS:1361412562310103849", "OPENVAS:1361412562310103874", "OPENVAS:1361412562310105400", "OPENVAS:1361412562310105413", "OPENVAS:1361412562310120203", "OPENVAS:1361412562310120204", "OPENVAS:1361412562310120262", "OPENVAS:1361412562310120410", "OPENVAS:1361412562310120480", "OPENVAS:1361412562310120592", "OPENVAS:1361412562310121082", "OPENVAS:1361412562310121358", "OPENVAS:1361412562310122003", "OPENVAS:1361412562310122006", "OPENVAS:1361412562310122007", "OPENVAS:1361412562310122033", "OPENVAS:1361412562310122167", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310122287", "OPENVAS:1361412562310123836", "OPENVAS:1361412562310123838", "OPENVAS:1361412562310123858", "OPENVAS:1361412562310123859", "OPENVAS:1361412562310123931", "OPENVAS:1361412562310123951", "OPENVAS:1361412562310123952", "OPENVAS:1361412562310123990", "OPENVAS:136141256231067542", "OPENVAS:136141256231068671", "OPENVAS:136141256231068921", "OPENVAS:136141256231068997", "OPENVAS:136141256231069035", "OPENVAS:1361412562310703169", "OPENVAS:136141256231070708", "OPENVAS:136141256231070711", "OPENVAS:136141256231070750", "OPENVAS:136141256231070756", "OPENVAS:136141256231070764", "OPENVAS:136141256231071196", "OPENVAS:136141256231071250", "OPENVAS:136141256231071259", "OPENVAS:136141256231071282", "OPENVAS:136141256231071533", "OPENVAS:136141256231071582", "OPENVAS:136141256231071964", "OPENVAS:136141256231071970", "OPENVAS:136141256231071983", "OPENVAS:1361412562310802968", "OPENVAS:1361412562310804061", "OPENVAS:1361412562310830966", "OPENVAS:1361412562310830967", "OPENVAS:1361412562310831068", "OPENVAS:1361412562310831073", "OPENVAS:1361412562310831275", "OPENVAS:1361412562310831330", "OPENVAS:1361412562310831466", "OPENVAS:1361412562310831500", "OPENVAS:1361412562310831527", "OPENVAS:1361412562310831533", "OPENVAS:1361412562310831580", "OPENVAS:1361412562310831606", "OPENVAS:1361412562310831679", "OPENVAS:1361412562310831682", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310840435", "OPENVAS:1361412562310840550", "OPENVAS:1361412562310840589", "OPENVAS:1361412562310840887", "OPENVAS:1361412562310840929", "OPENVAS:1361412562310840979", "OPENVAS:1361412562310841171", "OPENVAS:1361412562310841254", "OPENVAS:1361412562310850148", "OPENVAS:1361412562310850181", "OPENVAS:1361412562310850275", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310862849", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310863060", "OPENVAS:1361412562310863070", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310863683", "OPENVAS:1361412562310863688", "OPENVAS:1361412562310863704", "OPENVAS:1361412562310863764", "OPENVAS:1361412562310863924", "OPENVAS:1361412562310863945", "OPENVAS:1361412562310864019", "OPENVAS:1361412562310864136", "OPENVAS:1361412562310864137", "OPENVAS:1361412562310864149", "OPENVAS:1361412562310864153", "OPENVAS:1361412562310864175", "OPENVAS:1361412562310864179", "OPENVAS:1361412562310864192", "OPENVAS:1361412562310864229", "OPENVAS:1361412562310864279", "OPENVAS:1361412562310864283", "OPENVAS:1361412562310864350", "OPENVAS:1361412562310864361", "OPENVAS:1361412562310864432", "OPENVAS:1361412562310864623", "OPENVAS:1361412562310864631", "OPENVAS:1361412562310864664", "OPENVAS:1361412562310870370", "OPENVAS:1361412562310870372", "OPENVAS:1361412562310870532", "OPENVAS:1361412562310870540", "OPENVAS:1361412562310870545", "OPENVAS:1361412562310870556", "OPENVAS:1361412562310870576", "OPENVAS:1361412562310870578", "OPENVAS:1361412562310870587", "OPENVAS:1361412562310870609", "OPENVAS:1361412562310870629", "OPENVAS:1361412562310870668", "OPENVAS:1361412562310870673", "OPENVAS:1361412562310870722", "OPENVAS:1361412562310870788", "OPENVAS:1361412562310870794", "OPENVAS:1361412562310870814", "OPENVAS:1361412562310870816", "OPENVAS:1361412562310880460", "OPENVAS:1361412562310880636", "OPENVAS:1361412562310881066", "OPENVAS:1361412562310881067", "OPENVAS:1361412562310881084", "OPENVAS:1361412562310881100", "OPENVAS:1361412562310881113", "OPENVAS:1361412562310881117", "OPENVAS:1361412562310881134", "OPENVAS:1361412562310881156", "OPENVAS:1361412562310881169", "OPENVAS:1361412562310881175", "OPENVAS:1361412562310881177", "OPENVAS:1361412562310881217", "OPENVAS:1361412562310881230", "OPENVAS:1361412562310881239", "OPENVAS:1361412562310881366", "OPENVAS:1361412562310881476", "OPENVAS:1361412562310881477", "OPENVAS:1361412562310902466", "OPENVAS:1361412562311220191421", "OPENVAS:1361412562311220191547", "OPENVAS:1361412562311220191548", "OPENVAS:1361412562311220201637", "OPENVAS:67542", "OPENVAS:68671", "OPENVAS:68921", "OPENVAS:68997", "OPENVAS:69035", "OPENVAS:703169", "OPENVAS:70708", "OPENVAS:70711", "OPENVAS:70750", "OPENVAS:70756", "OPENVAS:70764", "OPENVAS:71196", "OPENVAS:71250", "OPENVAS:71259", "OPENVAS:71282", "OPENVAS:71533", "OPENVAS:71582", "OPENVAS:71964", "OPENVAS:71970", "OPENVAS:71983", "OPENVAS:802968", "OPENVAS:830966", "OPENVAS:830967", "OPENVAS:831068", "OPENVAS:831073", "OPENVAS:831275", "OPENVAS:831330", "OPENVAS:831466", "OPENVAS:831500", "OPENVAS:831527", "OPENVAS:831533", "OPENVAS:831580", "OPENVAS:831606", "OPENVAS:831679", "OPENVAS:831682", "OPENVAS:835251", "OPENVAS:840435", "OPENVAS:840550", "OPENVAS:840589", "OPENVAS:840887", "OPENVAS:840929", "OPENVAS:840979", "OPENVAS:841171", "OPENVAS:841254", "OPENVAS:850148", "OPENVAS:850181", "OPENVAS:850275", "OPENVAS:862721", "OPENVAS:862737", "OPENVAS:862849", "OPENVAS:862920", "OPENVAS:863060", "OPENVAS:863070", "OPENVAS:863499", "OPENVAS:863683", "OPENVAS:863688", "OPENVAS:863704", "OPENVAS:863764", "OPENVAS:863924", "OPENVAS:863945", "OPENVAS:864019", "OPENVAS:864136", "OPENVAS:864137", "OPENVAS:864149", "OPENVAS:864153", "OPENVAS:864175", "OPENVAS:864179", "OPENVAS:864192", "OPENVAS:864229", "OPENVAS:864279", "OPENVAS:864283", "OPENVAS:864350", "OPENVAS:864361", "OPENVAS:864432", "OPENVAS:864623", "OPENVAS:864631", "OPENVAS:864664", "OPENVAS:870370", "OPENVAS:870372", "OPENVAS:870532", "OPENVAS:870540", "OPENVAS:870545", "OPENVAS:870556", "OPENVAS:870576", "OPENVAS:870578", "OPENVAS:870587", "OPENVAS:870609", "OPENVAS:870629", "OPENVAS:870668", "OPENVAS:870673", "OPENVAS:870722", "OPENVAS:870788", "OPENVAS:870794", "OPENVAS:870814", "OPENVAS:870816", "OPENVAS:880460", "OPENVAS:880636", "OPENVAS:881066", "OPENVAS:881067", "OPENVAS:881084", "OPENVAS:881100", "OPENVAS:881113", "OPENVAS:881117", "OPENVAS:881134", "OPENVAS:881156", "OPENVAS:881169", "OPENVAS:881175", "OPENVAS:881177", "OPENVAS:881217", "OPENVAS:881230", "OPENVAS:881239", "OPENVAS:881366", "OPENVAS:881476", "OPENVAS:881477", "OPENVAS:902466"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0977", "ELSA-2010-0978", "ELSA-2010-0979", "ELSA-2011-0677", "ELSA-2011-1526", "ELSA-2012-0058", "ELSA-2012-0059", "ELSA-2012-0060", "ELSA-2012-0086", "ELSA-2012-0125", "ELSA-2012-0126", "ELSA-2012-0393", "ELSA-2012-0397", "ELSA-2012-0523", "ELSA-2012-1097", "ELSA-2012-1098", "ELSA-2012-1207", "ELSA-2012-1208", "ELSA-2015-3022", "ELSA-2016-3621", "ELSA-2019-4581", "ELSA-2019-4747", "ELSA-2021-9150"]}, {"type": "osv", "idList": ["OSV:DLA-165-1", "OSV:DSA-2058-1", "OSV:DSA-2141-1", "OSV:DSA-2141-2", "OSV:DSA-2390-1", "OSV:DSA-2454-1", "OSV:DSA-2454-2", "OSV:DSA-3169-1"]}, {"type": "paloalto", "idList": ["PAN-SA-2012-0017"]}, {"type": "prion", "idList": ["PRION:CVE-2008-7270", "PRION:CVE-2009-5029", "PRION:CVE-2009-5064", "PRION:CVE-2010-0830", "PRION:CVE-2010-4180", "PRION:CVE-2010-4252", "PRION:CVE-2010-4478", "PRION:CVE-2011-0014", "PRION:CVE-2011-1089", "PRION:CVE-2011-1675", "PRION:CVE-2011-1678", "PRION:CVE-2011-1679", "PRION:CVE-2011-1681", "PRION:CVE-2011-1749", "PRION:CVE-2011-3048", "PRION:CVE-2011-4108", "PRION:CVE-2011-4109", "PRION:CVE-2011-4576", "PRION:CVE-2011-4577", "PRION:CVE-2011-4609", "PRION:CVE-2011-4619", "PRION:CVE-2012-0050", "PRION:CVE-2012-0390", "PRION:CVE-2012-0864", "PRION:CVE-2012-3404", "PRION:CVE-2012-3405", "PRION:CVE-2012-3406", "PRION:CVE-2012-3480", "PRION:CVE-2013-1406", "PRION:CVE-2013-1659"]}, {"type": "redhat", "idList": ["RHSA-2010:0977", "RHSA-2010:0978", "RHSA-2010:0979", "RHSA-2011:0677", "RHSA-2011:1526", "RHSA-2012:0058", "RHSA-2012:0059", "RHSA-2012:0060", "RHSA-2012:0086", "RHSA-2012:0109", "RHSA-2012:0125", "RHSA-2012:0126", "RHSA-2012:0168", "RHSA-2012:0393", "RHSA-2012:0397", "RHSA-2012:0426", "RHSA-2012:0488", "RHSA-2012:0523", "RHSA-2012:0531", "RHSA-2012:1097", "RHSA-2012:1098", "RHSA-2012:1185", "RHSA-2012:1200", "RHSA-2012:1207", "RHSA-2012:1208", "RHSA-2012:1262", "RHSA-2012:1306", "RHSA-2012:1307", "RHSA-2012:1308", "RHSA-2012:1325"]}, {"type": "rosalinux", "idList": ["ROSA-SA-2021-1939"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:23941", "SECURITYVULNS:DOC:25258", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:DOC:27395", "SECURITYVULNS:DOC:27743", "SECURITYVULNS:DOC:27881", "SECURITYVULNS:DOC:27941", "SECURITYVULNS:DOC:28164", "SECURITYVULNS:DOC:28534", "SECURITYVULNS:DOC:28576", "SECURITYVULNS:DOC:28577", "SECURITYVULNS:DOC:28598", "SECURITYVULNS:DOC:28907", "SECURITYVULNS:DOC:29464", "SECURITYVULNS:DOC:31769", "SECURITYVULNS:VULN:10874", "SECURITYVULNS:VULN:11284", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:VULN:12065", "SECURITYVULNS:VULN:12150", "SECURITYVULNS:VULN:12209", "SECURITYVULNS:VULN:12241", "SECURITYVULNS:VULN:12425", "SECURITYVULNS:VULN:12576", "SECURITYVULNS:VULN:12596", "SECURITYVULNS:VULN:12597", "SECURITYVULNS:VULN:12610", "SECURITYVULNS:VULN:14294"]}, {"type": "seebug", "idList": ["SSV:60646", "SSV:61320", "SSV:78801"]}, {"type": "slackware", "idList": ["SSA-2010-340-01", "SSA-2011-041-04", "SSA-2012-041-03", "SSA-2012-206-01", "SSA-2012-244-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2011:0845-1", "OPENSUSE-SU-2012:0064-1", "OPENSUSE-SU-2012:0083-1", "SUSE-SA:2010:052", "SUSE-SU-2011:0847-1", "SUSE-SU-2012:0023-1", "SUSE-SU-2012:0033-1", "SUSE-SU-2012:0055-1", "SUSE-SU-2012:0084-1", "SUSE-SU-2012:0674-1", "SUSE-SU-2014:0320-1"]}, {"type": "thn", "idList": ["THN:A69F7E93E0EA3AF653136A37387E82C7"]}, {"type": "ubuntu", "idList": ["USN-1029-1", "USN-1064-1", "USN-1357-1", "USN-1396-1", "USN-1417-1", "USN-1589-1", "USN-1589-2", "USN-944-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-7270", "UB:CVE-2009-5029", "UB:CVE-2009-5064", "UB:CVE-2010-0830", "UB:CVE-2010-4180", "UB:CVE-2010-4252", "UB:CVE-2010-4478", "UB:CVE-2011-0014", "UB:CVE-2011-1089", "UB:CVE-2011-1675", "UB:CVE-2011-1678", "UB:CVE-2011-1679", "UB:CVE-2011-1681", "UB:CVE-2011-1749", "UB:CVE-2011-3048", "UB:CVE-2011-4108", "UB:CVE-2011-4109", "UB:CVE-2011-4576", "UB:CVE-2011-4577", "UB:CVE-2011-4609", "UB:CVE-2011-4619", "UB:CVE-2012-0050", "UB:CVE-2012-0390", "UB:CVE-2012-0864", "UB:CVE-2012-2118", "UB:CVE-2012-3404", "UB:CVE-2012-3405", "UB:CVE-2012-3406", "UB:CVE-2012-3480"]}, {"type": "veracode", "idList": ["VERACODE:10701", "VERACODE:10953", "VERACODE:11061", "VERACODE:24527", "VERACODE:24610", "VERACODE:24821", "VERACODE:24822", "VERACODE:24906", "VERACODE:24907", "VERACODE:24954", "VERACODE:24955", "VERACODE:24969", "VERACODE:24970", "VERACODE:24976", "VERACODE:24979", "VERACODE:24996"]}, {"type": "vmware", "idList": ["VMSA-2011-0013", "VMSA-2011-0013.3", "VMSA-2012-0013", "VMSA-2012-0013.2", "VMSA-2012-0018", "VMSA-2012-0018.2", "VMSA-2013-0002", "VMSA-2013-0002.1", "VMSA-2013-0003"]}, {"type": "zdt", "idList": ["1337DAY-ID-20717"]}]}, "score": {"value": 0.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY3.ASC"]}, {"type": "amazon", "idList": ["ALAS-2012-068", "ALAS-2012-120"]}, {"type": "archlinux", "idList": ["ASA-201412-21"]}, {"type": "centos", "idList": ["CESA-2010:0977", "CESA-2010:0978", "CESA-2012:0058", "CESA-2012:0059", "CESA-2012:0060", "CESA-2012:0086", "CESA-2012:0125", "CESA-2012:0126", "CESA-2012:0393", "CESA-2012:0397", "CESA-2012:0426", "CESA-2012:0523", "CESA-2012:1097", "CESA-2012:1098", "CESA-2012:1207", "CESA-2012:1208"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "cve", "idList": ["CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0830"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2141-1:1F9CB"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-5029", "DEBIANCVE:CVE-2009-5064", "DEBIANCVE:CVE-2010-0830", "DEBIANCVE:CVE-2010-4252", "DEBIANCVE:CVE-2011-1089", "DEBIANCVE:CVE-2012-3404", "DEBIANCVE:CVE-2012-3405", "DEBIANCVE:CVE-2012-3406", "DEBIANCVE:CVE-2012-3480"]}, {"type": "exploitdb", "idList": ["EDB-ID:40164"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B34E098CEA8158FE7100D818B9060916"]}, {"type": "f5", "idList": ["SOL12543", "SOL12853", "SOL15314", "SOL15388", "SOL15389", "SOL15417", "SOL15460", "SOL15461", "SOL15881", "SOL16364", "SOL17382"]}, {"type": "fedora", "idList": ["FEDORA:31EC22125A", "FEDORA:5CD8320BD3", "FEDORA:71D9321EDD", "FEDORA:8ED3020FF6", "FEDORA:9750E2076D", "FEDORA:A271421BA0", "FEDORA:C411B20546", "FEDORA:C42A8110D0A", "FEDORA:D91FC208AA", "FEDORA:DB3B827061"]}, {"type": "freebsd", "idList": ["262B92FE-81C8-11E1-8899-001EC9578670", "2AE114DE-C064-11E1-B5E0-000C299B62E1", "5C5F19CE-43AF-11E1-89B4-001EC9578670", "78CC8A46-3E56-11E1-89B4-001EC9578670"]}, {"type": "gentoo", "idList": ["GLSA-201203-12"]}, {"type": "ibm", "idList": ["583215B42F049307CBBCA8930CB40F87016DA7B011EFC8B5B01AB18DCA1B1F3E"]}, {"type": "kitploit", "idList": ["KITPLOIT:6228086289371789135"]}, {"type": "lenovo", "idList": ["LENOVO:PS500190-NOSID"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/OPENBSD-OPENSSH-CVE-2010-4478/"]}, {"type": "nessus", "idList": ["801053.PRM", "AIX_OPENSSL_ADVISORY3.NASL", "ALA_ALAS-2012-109.NASL", "ALA_ALAS-2012-38.NASL", "ALA_ALAS-2012-57.NASL", "CENTOS_RHSA-2012-0125.NASL", "CENTOS_RHSA-2012-0393.NASL", "DEBIAN_DLA-165.NASL", "DEBIAN_DSA-2058.NASL", "DEBIAN_DSA-2392.NASL", "FEDORA_2011-1255.NASL", "FEDORA_2012-18035.NASL", "FEDORA_2012-5526.NASL", "FREEBSD_PKG_78CC8A463E5611E189B4001EC9578670.NASL", "GENTOO_GLSA-201312-01.NASL", "MACOSX_FUSION_5_0_2.NASL", "OPENSSL_1_0_0D.NASL", "OPENSUSE-2012-52.NASL", "ORACLELINUX_ELSA-2012-0060.NASL", "ORACLELINUX_ELSA-2012-0125.NASL", "REDHAT-RHSA-2010-0979.NASL", "REDHAT-RHSA-2012-0060.NASL", "REDHAT-RHSA-2012-1097.NASL", "REDHAT-RHSA-2012-1185.NASL", "SL_20120201_OPENSSL_ON_SL4_X.NASL", "SOLARIS11_LIBPNG_20130313.NASL", "SUSE_11_1_GLIBC-101026.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101207.NASL", "SUSE_11_3_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_3_NCPFS-110824.NASL", "SUSE_11_4_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_NCPFS-110824.NASL", "SUSE_GLIBC-7896.NASL", "SUSE_OPENSSL-7923.NASL", "VMWARE_ESXI_5_1_BUILD_911593_REMOTE.NASL", "VMWARE_VMSA-2012-0013_REMOTE.NASL", "VMWARE_VMSA-2013-0002.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-4252"]}, {"type": "openvas", "idList": ["OPENVAS:103662", "OPENVAS:103849", "OPENVAS:1361412562310120592", "OPENVAS:1361412562310122006", "OPENVAS:1361412562310122007", "OPENVAS:136141256231070708", "OPENVAS:136141256231070756", "OPENVAS:1361412562310831330", "OPENVAS:1361412562310840979", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310863070", "OPENVAS:1361412562310864019", "OPENVAS:1361412562310864149", "OPENVAS:1361412562310864153", "OPENVAS:1361412562310864229", "OPENVAS:1361412562310864432", "OPENVAS:1361412562310864623", "OPENVAS:1361412562310870814", "OPENVAS:1361412562310881067", "OPENVAS:1361412562310881084", "OPENVAS:1361412562310881113", "OPENVAS:1361412562310881177", "OPENVAS:1361412562310881217", "OPENVAS:703169", "OPENVAS:831682", "OPENVAS:850181", "OPENVAS:850275", "OPENVAS:863945", "OPENVAS:864153", "OPENVAS:864283", "OPENVAS:864350", "OPENVAS:864623", "OPENVAS:864664", "OPENVAS:881066", "OPENVAS:881084", "OPENVAS:881177"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1526", "ELSA-2012-0058", "ELSA-2012-0126", "ELSA-2012-0393", "ELSA-2012-0397", "ELSA-2012-1207", "ELSA-2012-1208"]}, {"type": "redhat", "idList": ["RHSA-2010:0977", "RHSA-2010:0979", "RHSA-2011:0677", "RHSA-2011:1526", "RHSA-2012:0058", "RHSA-2012:0060", "RHSA-2012:0393", "RHSA-2012:0397", "RHSA-2012:1098", "RHSA-2012:1308"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:23941", "SECURITYVULNS:DOC:29464", "SECURITYVULNS:VULN:12241", "SECURITYVULNS:VULN:12610"]}, {"type": "seebug", "idList": ["SSV:61320"]}, {"type": "slackware", "idList": ["SSA-2012-041-03", "SSA-2012-244-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2012:0083-1", "SUSE-SA:2010:052"]}, {"type": "thn", "idList": ["THN:A69F7E93E0EA3AF653136A37387E82C7"]}, {"type": "ubuntu", "idList": ["USN-1396-1", "USN-1417-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-4252", "UB:CVE-2011-4576", "UB:CVE-2012-0050", "UB:CVE-2012-3480"]}, {"type": "vmware", "idList": ["VMSA-2011-0013"]}, {"type": "zdt", "idList": ["1337DAY-ID-20717"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2009-5029", "epss": 0.00737, "percentile": 0.78087, "modified": "2023-05-06"}, {"cve": "CVE-2009-5064", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-06"}, {"cve": "CVE-2010-0830", "epss": 0.14512, "percentile": 0.94897, "modified": "2023-05-06"}, {"cve": "CVE-2010-4180", "epss": 0.0226, "percentile": 0.8793, "modified": "2023-05-06"}, {"cve": "CVE-2010-4252", "epss": 0.0302, "percentile": 0.89445, "modified": "2023-05-06"}, {"cve": "CVE-2011-0014", "epss": 0.10337, "percentile": 0.94088, "modified": "2023-05-06"}, {"cve": "CVE-2011-1089", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-06"}, {"cve": "CVE-2011-3048", "epss": 0.05025, "percentile": 0.9166, "modified": "2023-05-06"}, {"cve": "CVE-2011-4108", "epss": 0.00485, "percentile": 0.72454, "modified": "2023-05-06"}, {"cve": "CVE-2011-4109", "epss": 0.03839, "percentile": 0.90548, "modified": "2023-05-06"}, {"cve": "CVE-2011-4576", "epss": 0.00885, "percentile": 0.80203, "modified": "2023-05-06"}, {"cve": "CVE-2011-4577", "epss": 0.10637, "percentile": 0.94163, "modified": "2023-05-06"}, {"cve": "CVE-2011-4609", "epss": 0.00334, "percentile": 0.66849, "modified": "2023-05-06"}, {"cve": "CVE-2011-4619", "epss": 0.31005, "percentile": 0.96331, "modified": "2023-05-06"}, {"cve": "CVE-2012-0050", "epss": 0.46445, "percentile": 0.96867, "modified": "2023-05-06"}, {"cve": "CVE-2012-0864", "epss": 0.01828, "percentile": 0.86425, "modified": "2023-05-06"}, {"cve": "CVE-2012-3404", "epss": 0.01473, "percentile": 0.84773, "modified": "2023-05-06"}, {"cve": "CVE-2012-3405", "epss": 0.00928, "percentile": 0.80689, "modified": "2023-05-06"}, {"cve": "CVE-2012-3406", "epss": 0.00324, "percentile": 0.66266, "modified": "2023-05-06"}, {"cve": "CVE-2012-3480", "epss": 0.00044, "percentile": 0.10683, "modified": "2023-05-06"}, {"cve": "CVE-2013-1406", "epss": 0.00062, "percentile": 0.24699, "modified": "2023-05-06"}, {"cve": "CVE-2013-1659", "epss": 0.00107, "percentile": 0.41971, "modified": "2023-05-06"}], "vulnersScore": 0.5}, "_state": {"dependencies": 1702068518, "score": 1702067860, "epss": 0}, "_internal": {"score_hash": "9eb672a5561cec1e655782d31244502c"}, "pluginID": "70885", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70885);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/15 20:50:24\");\n\n script_cve_id(\n \"CVE-2009-5029\",\n \"CVE-2009-5064\",\n \"CVE-2010-0830\",\n \"CVE-2010-4180\",\n \"CVE-2010-4252\",\n \"CVE-2011-0014\",\n \"CVE-2011-1089\",\n \"CVE-2011-3048\",\n \"CVE-2011-4108\",\n \"CVE-2011-4109\",\n \"CVE-2011-4576\",\n \"CVE-2011-4577\",\n \"CVE-2011-4609\",\n \"CVE-2011-4619\",\n \"CVE-2012-0050\",\n \"CVE-2012-0864\",\n \"CVE-2012-3404\",\n \"CVE-2012-3405\",\n \"CVE-2012-3406\",\n \"CVE-2012-3480\",\n \"CVE-2013-1406\",\n \"CVE-2013-1659\"\n );\n script_bugtraq_id(\n 40063,\n 45163,\n 45164,\n 46264,\n 46740,\n 50898,\n 51281,\n 51439,\n 51563,\n 52201,\n 52830,\n 54374,\n 54982,\n 57867,\n 58115\n );\n script_xref(name:\"VMSA\", value:\"2013-0002\");\n script_xref(name:\"VMSA\", value:\"2013-0003\");\n script_xref(name:\"VMSA\", value:\"2012-0013\");\n script_xref(name:\"VMSA\", value:\"2012-0018\");\n\n script_name(english:\"ESXi 5.0 < Build 912577 Multiple Vulnerabilities (remote check)\");\n script_summary(english:\"Checks the ESXi version and build number.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote VMware ESXi 5.0 host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote VMware ESXi 5.0 host is affected by Multiple\nVulnerabilities :\n\n - An integer overflow condition exists in the\n __tzfile_read() function in the glibc library. An\n unauthenticated, remote attacker can exploit this, via\n a crafted timezone (TZ) file, to cause a denial of\n service or the execution of arbitrary code.\n (CVE-2009-5029)\n\n - ldd in the glibc library is affected by a privilege\n escalation vulnerability due to the omission of certain\n LD_TRACE_LOADED_OBJECTS checks in a crafted executable\n file. Note that this vulnerability is disputed by the\n library vendor. (CVE-2009-5064)\n\n - A remote code execution vulnerability exists in the\n glibc library due to an integer signedness error in the\n elf_get_dynamic_info() function when the '--verify'\n option is used. A remote attacker can exploit this by\n using a crafted ELF program with a negative value for a\n certain d_tag structure member in the ELF header.\n (CVE-2010-0830)\n\n - A flaw exists in OpenSSL due to a failure to properly\n prevent modification of the ciphersuite in the session\n cache when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is\n enabled. A remote attacker can exploit this to force a\n downgrade to an unintended cipher by intercepting the\n network traffic to discover a session identifier.\n (CVE-2010-4180)\n\n - A flaw exists in OpenSSL due to a failure to properly\n validate the public parameters in the J-PAKE protocol\n when J-PAKE is enabled. A remote attacker can exploit\n this, by sending crafted values in each round of the\n protocol, to bypass the need for knowledge of the shared\n secret. (CVE-2010-4252)\n\n - A out-of-bounds memory error exists in OpenSSL that\n allows a remote attacker to cause a denial of service or\n possibly obtain sensitive information by using a\n malformed ClientHello handshake message. This is also\n known as the 'OCSP stapling vulnerability'.\n (CVE-2011-0014)\n\n - A flaw exists in the addmntent() function in the glibc\n library due to a failure to report the error status for\n failed attempts to write to the /etc/mtab file. A local\n attacker can exploit this to corrupt the file by using\n writes from a process with a small RLIMIT_FSIZE value.\n (CVE-2011-1089)\n\n - A flaw exists in the png_set_text_2() function in the\n file pngset.c in the libpng library due to a failure to\n properly allocate memory. An unauthenticated, remote\n attacker can exploit this, via a crafted text chunk in a\n PNG image file, to trigger a heap-based buffer overflow,\n resulting in denial of service or the execution of\n arbitrary code. (CVE-2011-3048)\n\n - A flaw exists in the DTLS implementation in OpenSSL due\n to performing a MAC check only if certain padding is\n valid. A remote attacker can exploit this, via a padding\n oracle attack, to recover the plaintext. (CVE-2011-4108)\n\n - A double-free error exists in OpenSSL when the\n X509_V_FLAG_POLICY_CHECK is enabled. A remote attacker\n can exploit this by triggering a policy check failure,\n resulting in an unspecified impact. (CVE-2011-4109)\n\n - A flaw exists in OpenSSL in the SSL 3.0 implementation\n due to improper initialization of data structures used\n for block cipher padding. A remote attacker can exploit\n this, by decrypting the padding data sent by an SSL\n peer, to obtain sensitive information. (CVE-2011-4576)\n\n - A denial of service vulnerability exists in OpenSSL when\n RFC 3779 support is enabled. A remote attacker can\n exploit this to cause an assertion failure, by using an\n X.509 certificate containing certificate extension data\n associated with IP address blocks or Autonomous System\n (AS) identifiers. (CVE-2011-4577)\n\n - A denial of service vulnerability exists in the RPC\n implementation in the glibc library due to a flaw in the\n svc_run() function. A remote attacker can exploit this,\n via large number of RPC connections, to exhaust CPU\n resources. (CVE-2011-4609)\n\n - A denial of service vulnerability exists in the Server\n Gated Cryptography (SGC) implementation in OpenSSL due\n to a failure to properly handle handshake restarts. A\n remote attacker can exploit this, via unspecified\n vectors, to exhaust CPU resources. (CVE-2011-4619)\n\n - A denial of service vulnerability exists in OpenSSL due\n to improper support of DTLS applications. A remote\n attacker can exploit this, via unspecified vectors\n related to an out-of-bounds read error. Note that this\n vulnerability exists because of an incorrect fix for\n CVE-2011-4108. (CVE-2012-0050)\n\n - A security bypass vulnerability exists in the glibc\n library due to an integer overflow condition in the\n vfprintf() function in file stdio-common/vfprintf.c. An\n attacker can exploit this, by using a large number of\n arguments, to bypass the FORTIFY_SOURCE protection\n mechanism, allowing format string attacks or writing to\n arbitrary memory. (CVE-2012-0864)\n\n - A denial of service vulnerability exists in the glibc\n library in the vfprintf() function in file\n stdio-common/vfprintf.c due to a failure to properly\n calculate a buffer length. An attacker can exploit this,\n via a format string that uses positional parameters and\n many format specifiers, to bypass the FORTIFY_SOURCE\n format-string protection mechanism, thus causing stack\n corruption and a crash. (CVE-2012-3404)\n\n - A denial of service vulnerability exists in the glibc\n library in the vfprintf() function in file\n stdio-common/vfprintf.c due to a failure to properly\n calculate a buffer length. An attacker can exploit this,\n via a format string with a large number of format\n specifiers, to bypass the FORTIFY_SOURCE format-string\n protection mechanism, thus triggering desynchronization\n within the buffer size handling, resulting in a\n segmentation fault and crash. (CVE-2012-3405)\n\n - A flaw exists in the glibc library in the vfprintf()\n function in file stdio-common/vfprintf.c due to a\n failure to properly restrict the use of the alloca()\n function when allocating the SPECS array. An attacker\n can exploit this, via a crafted format string using\n positional parameters and a large number of format\n specifiers, to bypass the FORTIFY_SOURCE format-string\n protection mechanism, thus triggering a denial of\n service or the possible execution of arbitrary code.\n (CVE-2012-3406)\n\n - A flaw exists in the glibc library due to multiple\n integer overflow conditions in the strtod(), strtof(),\n strtold(), strtod_l(), and other unspecified related\n functions. A local attacker can exploit these to trigger\n a stack-based buffer overflow, resulting in an\n application crash or the possible execution of arbitrary\n code. (CVE-2012-3480)\n\n - A privilege escalation vulnerability exists in the\n Virtual Machine Communication Interface (VMCI) due to a\n failure by control code to properly restrict memory\n allocation. A local attacker can exploit this, via\n unspecified vectors, to gain privileges. (CVE-2013-1406)\n\n - An error exists in the implementation of the Network\n File Copy (NFC) protocol. A man-in-the-middle attacker\n can exploit this, by modifying the client-server data\n stream, to cause a denial of service or the execution\n of arbitrary code. (CVE-2013-1659)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.vmware.com/security/advisories/VMSA-2013-0002.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2013-0003.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.vmware.com/security/advisories/VMSA-2012-0013.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2012-0018.html\");\n # https://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=2033751\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?050fd795\");\n # https://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=2033767\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3b1468ad\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply patch ESXi500-201212101-SG according to the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/06/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:5.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"vmware_vsphere_detect.nbin\");\n script_require_keys(\"Host/VMware/version\", \"Host/VMware/release\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit(\"Host/VMware/version\");\nrel = get_kb_item_or_exit(\"Host/VMware/release\");\n\nif (\"ESXi\" >!< rel) audit(AUDIT_OS_NOT, \"ESXi\");\nif (\"VMware ESXi 5.0\" >!< rel) audit(AUDIT_OS_NOT, \"ESXi 5.0\");\n\nmatch = eregmatch(pattern:'^VMware ESXi.*build-([0-9]+)$', string:rel);\nif (isnull(match)) exit(1, 'Failed to extract the ESXi build number.');\n\nbuild = int(match[1]);\nfixed_build = 912577;\n\nif (build < fixed_build)\n{\n if (report_verbosity > 0)\n {\n report = '\\n ESXi version : ' + ver +\n '\\n Installed build : ' + build +\n '\\n Fixed build : ' + fixed_build +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\nelse exit(0, \"The host has \"+ver+\" build \"+build+\" and thus is not affected.\");\n", "naslFamily": "Misc.", "cpe": ["cpe:/o:vmware:esxi:5.0"], "solution": "Apply patch ESXi500-201212101-SG according to the vendor advisory.", "nessusSeverity": "High", "cvssScoreSource": "", "vendor_cvss2": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {"risk factor": "High", "score": "7.4"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2012-12-20T00:00:00", "vulnerabilityPublicationDate": "2009-06-01T00:00:00", "exploitableWith": ["Core Impact"]}

{"securityvulns": [{"lastseen": "2018-08-31T11:10:46", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n VMware Security Advisory\r\n\r\nAdvisory ID: VMSA-2012-0018\r\nSynopsis: VMware security updates for vCSA and ESXi\r\nIssue date: 2012-12-20\r\nUpdated on: 2012-12-20 &#40;initial advisory&#41;\r\nCVE numbers: ------------- vCSA ---------------\r\n CVE-2012-6324, CVE-2012-6325\r\n ------------- glibc --------------\r\n CVE-2009-5029, CVE-2009-5064, CVE-2010-0830,\r\n CVE-2011-1089, CVE-2011-4609, CVE-2012-0864,\r\n CVE-2012-3404, CVE-2012-3405, CVE-2012-3406,\r\n CVE-2012-3480\r\n\r\n- --------------------------------------------------------------------\r\n\r\n1. Summary\r\n\r\n VMware has updated vCenter Server Appliance &#40;vCSA&#41; and ESX to \r\n address multiple security vulnerabilities\r\n\r\n2. Relevant releases\r\n\r\n vCenter Server Appliance 5.1 without Patch 1\r\n vCenter Server Appliance 5.0 without Update 2\r\n\r\n VMware ESXi 5.1 without patch ESXi510-201212101\r\n VMware ESXi 5.0 without patch ESXi500-201212101\r\n\r\n3. Problem Description\r\n\r\n a. vCenter Server Appliance directory traversal\r\n\r\n The vCenter Server Appliance &#40;vCSA&#41; contains a directory\r\n traversal vulnerability that allows an authenticated \r\n remote user to retrieve arbitrary files. Exploitation of\r\n this issue may expose sensitive information stored on the \r\n server. \r\n\r\n VMware would like to thank Alexander Minozhenko from ERPScan for\r\n reporting this issue to us.\r\n\r\n The Common Vulnerabilities and Exposures project &#40;cve.mitre.org&#41;\r\n has assigned the name CVE-2012-6324 to this issue.\r\n\r\n Column 4 of the following table lists the action required to\r\n remediate the vulnerability in each release, if a solution is\r\n available.\r\n\r\n VMware Product Running Replace with/\r\n Product Version on Apply Patch\r\n ============== ======== ======= =================\r\n vCSA 5.1 Linux vCSA 5.1 Patch 1\r\n vCSA 5.0 Linux vCSA 5.0 Update 2\r\n\r\n b. vCenter Server Appliance arbitrary file download\r\n\r\n The vCenter Server Appliance &#40;vCSA&#41; contains an XML parsing \r\n vulnerability that allows an authenticated remote user to\r\n retrieve arbitrary files. Exploitation of this issue may\r\n expose sensitive information stored on the server.\r\n\r\n VMware would like to thank Alexander Minozhenko from ERPScan for\r\n reporting this issue to us.\r\n\r\n The Common Vulnerabilities and Exposures project &#40;cve.mitre.org&#41;\r\n has assigned the name CVE-2012-6325 to this issue.\r\n\r\n Column 4 of the following table lists the action required to\r\n remediate the vulnerability in each release, if a solution is\r\n available.\r\n\r\n VMware Product Running Replace with/\r\n Product Version on Apply Patch\r\n ============== ======== ======= =================\r\n vCSA 5.1 Linux not affected\r\n vCSA 5.0 Linux vCSA 5.0 Update 2\r\n\r\nc. Update to ESX glibc package\r\n\r\n The ESX glibc package is updated to version glibc-2.5-81.el5_8.1\r\n to resolve multiple security issues.\r\n\r\n The Common Vulnerabilities and Exposures project &#40;cve.mitre.org&#41;\r\n has assigned the names CVE-2009-5029, CVE-2009-5064,\r\n CVE-2010-0830, CVE-2011-1089, CVE-2011-4609, CVE-2012-0864\r\n CVE-2012-3404, CVE-2012-3405, CVE-2012-3406 and CVE-2012-3480\r\n to these issues.\r\n\r\n Column 4 of the following table lists the action required to\r\n remediate the vulnerability in each release, if a solution is\r\n available.\r\n\r\n VMware Product Running Replace with/\r\n Product Version on Apply Patch\r\n ============== ======== ======= =================\r\n ESXi 5.1 ESXi ESXi510-201212101\r\n ESXi 5.0 ESXi ESXi500-201212101\r\n ESXi 4.1 ESXi no patch planned\r\n ESXi 4.0 ESXi no patch planned\r\n ESXi 3.5 ESXi not applicable\r\n\r\n ESX any ESX not applicable\r\n\r\n4. Solution\r\n\r\n Please review the patch/release notes for your product and\r\n version and verify the checksum of your downloaded file.\r\n\r\n\r\n ESXi and ESX\r\n ------------\r\n The download for ESXi includes vCenter Server Appliance.\r\n\r\n\r\n https://downloads.vmware.com/go/selfsupport-download\r\n\r\n ESXi 5.1\r\n http://kb.vmware.com/kb/2035775\r\n\r\n ESXi 5.0\r\n http://kb.vmware.com/kb/2033751\r\n\r\n5. References\r\n\r\n ------------- vCSA ---------------\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6324\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6325\r\n ------------- glibc --------------\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5064\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0830\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1089\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4609\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0864\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3404\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3405\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3406\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3480\r\n\r\n- --------------------------------------------------------------------\r\n\r\n6. Change log\r\n\r\n 2012-12-20 VMSA-2012-0018\r\n Initial security advisory in conjunction with the release of\r\n vSphere 5.1 Patch 1 and vSphere 5.0 Update 2 on 2012-12-20.\r\n\r\n- --------------------------------------------------------------------\r\n\r\n7. Contact\r\n\r\n E-mail list for product security notifications and announcements:\r\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\r\n\r\n This Security Advisory is posted to the following lists:\r\n\r\n * security-announce at lists.vmware.com\r\n * bugtraq at securityfocus.com\r\n * full-disclosure at lists.grok.org.uk\r\n\r\n E-mail: security at vmware.com\r\n PGP key at: http://kb.vmware.com/kb/1055\r\n\r\n VMware Security Advisories\r\n http://www.vmware.com/security/advisories\r\n\r\n VMware security response policy\r\n http://www.vmware.com/support/policies/security_response.html\r\n\r\n General support life cycle policy\r\n http://www.vmware.com/support/policies/eos.html\r\n\r\n VMware Infrastructure support life cycle policy\r\n http://www.vmware.com/support/policies/eos_vi.html\r\n\r\n Copyright 2012 VMware Inc. All rights reserved.\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: PGP Desktop 10.2.0 &#40;Build 2599&#41;\r\nCharset: utf-8\r\n\r\nwj8DBQFQ01bsDEcm8Vbi9kMRAkXEAJoClYysvoV67RKiZ0uN1YszPcN0LQCg8QMV\r\nOWjpV7Bnt27472i5EOhk9fI=\r\n=jrDP\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2013-01-02T00:00:00", "type": "securityvulns", "title": "VMSA-2012-0018 VMware security updates for vCSA and ESXi", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-0864", "CVE-2011-4609", "CVE-2012-6325", "CVE-2012-3404", "CVE-2012-6324", "CVE-2012-3405", "CVE-2010-0830", "CVE-2012-3480", "CVE-2009-5029", "CVE-2012-3406", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2013-01-02T00:00:00", "id": "SECURITYVULNS:DOC:28907", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28907", "sourceData": "", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:08:11", "description": "Double free&#40;&#41;, protection bypass, information leakages, DoS conditions.", "cvss3": {}, "published": "2012-01-20T00:00:00", "type": "securityvulns", "title": "OpenSSL library multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4354", "CVE-2012-0027", "CVE-2012-0050", "CVE-2011-4109"], "modified": "2012-01-20T00:00:00", "id": "SECURITYVULNS:VULN:12150", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12150", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-02T21:10:37", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2012-0018.\n\nSummary\nVMware has updated vCenter Server Appliance (vCSA) and ESX to address multiple security vulnerabilities\n\nRelevant releases\nvCenter Server Appliance 5.1 prior to vCSA 5.1.0b\nvCenter Server Appliance 5.0 prior to vCSA 5.0 Update 2\n\nVMware ESXi 5.1 without patch ESXi510-201212101\nVMware ESXi 5.0 without patch ESXi500-201212101\n\nProblem Description\na. vCenter Server Appliance directory traversal\n\nThe vCenter Server Appliance (vCSA) contains a directory traversal vulnerability that allows an\nauthenticated remote user to retrieve arbitrary files. Exploitation of this issue may expose\nsensitive information stored on the server. \n\nb. vCenter Server Appliance arbitrary file download\n\nThe vCenter Server Appliance (vCSA) contains an XML parsing vulnerability that allows an\nauthenticated remote user to retrieve arbitrary files. Exploitation of this issue may\nexpose sensitive information stored on the server. \n\nc. Update to ESX glibc package\n\nThe ESX glibc package is updated to version glibc-2.5-81.el5_8.1 to resolve multiple security issues.", "cvss3": {}, "published": "2012-12-27T00:00:00", "type": "openvas", "title": "VMSA-2012-0018: VMware security updates for vCSA and ESXi", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0864", "CVE-2011-4609", "CVE-2012-6325", "CVE-2012-3404", "CVE-2012-6324", "CVE-2012-3405", "CVE-2010-0830", "CVE-2012-3480", "CVE-2009-5029", "CVE-2012-3406", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2017-04-17T00:00:00", "id": "OPENVAS:103627", "href": "http://plugins.openvas.org/nasl.php?oid=103627", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_VMSA-2012-0018.nasl 5958 2017-04-17 09:02:19Z teissa $\n#\n# VMSA-2012-0018: VMware security updates for vCSA and ESXi\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software \n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Apply the missing patch(es).\n\nSee Also:\nhttp://www.vmware.com/security/advisories/VMSA-2012-0018.html\";\n\ntag_summary = \"The remote ESXi is missing one or more security related Updates from VMSA-2012-0018.\n\nSummary\nVMware has updated vCenter Server Appliance (vCSA) and ESX to address multiple security vulnerabilities\n\nRelevant releases\nvCenter Server Appliance 5.1 prior to vCSA 5.1.0b\nvCenter Server Appliance 5.0 prior to vCSA 5.0 Update 2\n\nVMware ESXi 5.1 without patch ESXi510-201212101\nVMware ESXi 5.0 without patch ESXi500-201212101\n\nProblem Description\na. vCenter Server Appliance directory traversal\n\nThe vCenter Server Appliance (vCSA) contains a directory traversal vulnerability that allows an\nauthenticated remote user to retrieve arbitrary files. Exploitation of this issue may expose\nsensitive information stored on the server. \n\nb. vCenter Server Appliance arbitrary file download\n\nThe vCenter Server Appliance (vCSA) contains an XML parsing vulnerability that allows an\nauthenticated remote user to retrieve arbitrary files. Exploitation of this issue may\nexpose sensitive information stored on the server. \n\nc. Update to ESX glibc package\n\nThe ESX glibc package is updated to version glibc-2.5-81.el5_8.1 to resolve multiple security issues.\";\n\n\nif (description)\n{\n script_id(103627);\n script_cve_id(\"CVE-2012-6324\",\"CVE-2012-6325\",\"CVE-2009-5029\",\"CVE-2009-5064\",\"CVE-2010-0830\",\"CVE-2011-1089\",\"CVE-2011-4609\",\"CVE-2012-0864\",\"CVE-2012-3404\",\"CVE-2012-3405\",\"CVE-2012-3406\",\"CVE-2012-3480\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_version (\"$Revision: 5958 $\");\n script_name(\"VMSA-2012-0018: VMware security updates for vCSA and ESXi\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-17 11:02:19 +0200 (Mon, 17 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-27 10:42:13 +0100 (Thu, 27 Dec 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\",\"VMware/ESX/version\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item('VMware/ESXi/LSC'))exit(0);\nif(! esxVersion = get_kb_item(\"VMware/ESX/version\"))exit(0);\n\npatches = make_array(\"5.0.0\",\"VIB:esx-base:5.0.0-1.25.912577\",\n \"5.1.0\",\"VIB:esx-base:5.1.0-0.8.911593\"); \n\nif(!patches[esxVersion])exit(0);\n\nif(_esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n\n security_message(port:0);\n exit(0);\n\n}\n\nexit(99);\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-12-19T16:09:00", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2012-0018.", "cvss3": {}, "published": "2012-12-27T00:00:00", "type": "openvas", "title": "VMware ESXi/ESX security updates (VMSA-2012-0018)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0864", "CVE-2011-4609", "CVE-2012-6325", "CVE-2012-3404", "CVE-2012-6324", "CVE-2012-3405", "CVE-2010-0830", "CVE-2012-3480", "CVE-2009-5029", "CVE-2012-3406", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310103627", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103627", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# VMSA-2012-0018: VMware security updates for vCSA and ESXi\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103627\");\n script_cve_id(\"CVE-2012-6324\", \"CVE-2012-6325\", \"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\", \"CVE-2011-4609\", \"CVE-2012-0864\", \"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\", \"CVE-2012-3480\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"2019-12-18T11:13:08+0000\");\n script_name(\"VMware ESXi/ESX security updates (VMSA-2012-0018)\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 11:13:08 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-12-27 10:42:13 +0100 (Thu, 27 Dec 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\", \"VMware/ESX/version\");\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2012-0018.html\");\n\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if the target host is missing one or more patch(es).\");\n\n script_tag(name:\"summary\", value:\"The remote ESXi is missing one or more security related Updates from VMSA-2012-0018.\");\n\n script_tag(name:\"affected\", value:\"VMware ESXi 5.1 without patch ESXi510-201212101\n\n VMware ESXi 5.0 without patch ESXi500-201212101\");\n\n script_tag(name:\"insight\", value:\"a. vCenter Server Appliance directory traversal\n\n The vCenter Server Appliance (vCSA) contains a directory traversal vulnerability that allows an\n authenticated remote user to retrieve arbitrary files. Exploitation of this issue may expose\n sensitive information stored on the server.\n\n b. vCenter Server Appliance arbitrary file download\n\n The vCenter Server Appliance (vCSA) contains an XML parsing vulnerability that allows an\n authenticated remote user to retrieve arbitrary files. Exploitation of this issue may\n expose sensitive information stored on the server.\n\n c. Update to ESX glibc package\n\n The ESX glibc package is updated to version glibc-2.5-81.el5_8.1 to resolve multiple security issues.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item(\"VMware/ESXi/LSC\"))\n exit(0);\n\nif(!esxVersion = get_kb_item(\"VMware/ESX/version\"))\n exit(0);\n\npatches = make_array(\"5.0.0\", \"VIB:esx-base:5.0.0-1.25.912577\",\n \"5.1.0\", \"VIB:esx-base:5.1.0-0.8.911593\");\n\nif(!patches[esxVersion])\n exit(99);\n\nif(report = esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-06T13:06:39", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:0126 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:881084", "href": "http://plugins.openvas.org/nasl.php?oid=881084", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2012:0126 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n \n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n \n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library loaded ELF (Executable and Linking\n Format) files. If a carefully-crafted ELF file was loaded by an\n application linked against glibc, it could cause the application to crash\n or, potentially, execute arbitrary code with the privileges of the user\n running the application. (CVE-2010-0830)\n \n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n \n A denial of service flaw was found in the remote procedure call (RPC)\n implementation in glibc. A remote attacker able to open a large number of\n connections to an RPC service that is using the RPC implementation from\n glibc, could use this flaw to make that service use an excessive amount of\n CPU time. (CVE-2011-4609)\n \n Red Hat would like to thank the Ubuntu Security Team for reporting\n CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu\n Security Team acknowledges Dan Rosenberg as the original reporter of\n CVE-2010-0830.\n \n Users should upgrade to these updated packages, which resolve these issues.\";\n\ntag_affected = \"glibc on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-February/018428.html\");\n script_id(881084);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:03:45 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\",\n \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:0126\");\n script_name(\"CentOS Update for glibc CESA-2012:0126 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.5~65.el5_7.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.5~65.el5_7.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.5~65.el5_7.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.5~65.el5_7.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.5~65.el5_7.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.5~65.el5_7.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:29", "description": "Oracle Linux Local Security Checks ELSA-2012-0126", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0126", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123990", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123990", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0126.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123990\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:11:17 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0126\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0126 - glibc security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0126\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0126.html\");\n script_cve_id(\"CVE-2009-5064\", \"CVE-2011-1089\", \"CVE-2010-0830\", \"CVE-2009-5029\", \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.5~65.el5_7.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.5~65.el5_7.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.5~65.el5_7.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.5~65.el5_7.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.5~65.el5_7.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.5~65.el5_7.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-03T10:57:03", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-02-21T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2012:0126-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:870556", "href": "http://plugins.openvas.org/nasl.php?oid=870556", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2012:0126-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n\n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library loaded ELF (Executable and Linking\n Format) files. If a carefully-crafted ELF file was loaded by an\n application linked against glibc, it could cause the application to crash\n or, potentially, execute arbitrary code with the privileges of the user\n running the application. (CVE-2010-0830)\n\n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n\n A denial of service flaw was found in the remote procedure call (RPC)\n implementation in glibc. A remote attacker able to open a large number of\n connections to an RPC service that is using the RPC implementation from\n glibc, could use this flaw to make that service use an excessive amount of\n CPU time. (CVE-2011-4609)\n\n Red Hat would like to thank the Ubuntu Security Team for reporting\n CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu\n Security Team acknowledges Dan Rosenberg as the original reporter of\n CVE-2010-0830.\n\n Users should upgrade to these updated packages, which resolve these issues.\";\n\ntag_affected = \"glibc on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00027.html\");\n script_id(870556);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:56:49 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\",\n \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:0126-01\");\n script_name(\"RedHat Update for glibc RHSA-2012:0126-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:0126 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881084", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881084", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2012:0126 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-February/018428.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881084\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:03:45 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\",\n \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2012:0126\");\n script_name(\"CentOS Update for glibc CESA-2012:0126 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"glibc on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n\n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library loaded ELF (Executable and Linking\n Format) files. If a carefully-crafted ELF file was loaded by an\n application linked against glibc, it could cause the application to crash\n or, potentially, execute arbitrary code with the privileges of the user\n running the application. (CVE-2010-0830)\n\n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n\n A denial of service flaw was found in the remote procedure call (RPC)\n implementation in glibc. A remote attacker able to open a large number of\n connections to an RPC service that is using the RPC implementation from\n glibc, could use this flaw to make that service use an excessive amount of\n CPU time. (CVE-2011-4609)\n\n Red Hat would like to thank the Ubuntu Security Team for reporting\n CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu\n Security Team acknowledges Dan Rosenberg as the original reporter of\n CVE-2010-0830.\n\n Users should upgrade to these updated packages, which resolve these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.5~65.el5_7.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.5~65.el5_7.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.5~65.el5_7.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.5~65.el5_7.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.5~65.el5_7.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.5~65.el5_7.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-02-21T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2012:0126-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870556", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870556", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2012:0126-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00027.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870556\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:56:49 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\",\n \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:0126-01\");\n script_name(\"RedHat Update for glibc RHSA-2012:0126-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"glibc on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n\n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library loaded ELF (Executable and Linking\n Format) files. If a carefully-crafted ELF file was loaded by an\n application linked against glibc, it could cause the application to crash\n or, potentially, execute arbitrary code with the privileges of the user\n running the application. (CVE-2010-0830)\n\n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n\n A denial of service flaw was found in the remote procedure call (RPC)\n implementation in glibc. A remote attacker able to open a large number of\n connections to an RPC service that is using the RPC implementation from\n glibc, could use this flaw to make that service use an excessive amount of\n CPU time. (CVE-2011-4609)\n\n Red Hat would like to thank the Ubuntu Security Team for reporting\n CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu\n Security Team acknowledges Dan Rosenberg as the original reporter of\n CVE-2010-0830.\n\n Users should upgrade to these updated packages, which resolve these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.5~65.el5_7.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:15", "description": "The remote host is missing updates announced in\nadvisory GLSA 201203-12.", "cvss3": {}, "published": "2012-03-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201203-12 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027", "CVE-2012-0050", "CVE-2011-4109"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231071196", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071196", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201203_12.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71196\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0027\", \"CVE-2012-0050\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 11:35:35 -0400 (Mon, 12 Mar 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201203-12 (openssl)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been found in OpenSSL, allowing\n remote attackers to cause a Denial of Service or obtain sensitive\n information.\");\n script_tag(name:\"solution\", value:\"All OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-1.0.0g'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201203-12\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=397695\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=399365\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201203-12.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-libs/openssl\", unaffected: make_list(\"ge 1.0.0g\", \"rge 0.9.8t\"), vulnerable: make_list(\"lt 1.0.0g\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:50:54", "description": "The remote host is missing updates announced in\nadvisory GLSA 201203-12.", "cvss3": {}, "published": "2012-03-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201203-12 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027", "CVE-2012-0050", "CVE-2011-4109"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71196", "href": "http://plugins.openvas.org/nasl.php?oid=71196", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been found in OpenSSL, allowing\n remote attackers to cause a Denial of Service or obtain sensitive\n information.\";\ntag_solution = \"All OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-1.0.0g'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201203-12\nhttp://bugs.gentoo.org/show_bug.cgi?id=397695\nhttp://bugs.gentoo.org/show_bug.cgi?id=399365\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201203-12.\";\n\n \n \nif(description)\n{\n script_id(71196);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0027\", \"CVE-2012-0050\");\n script_version(\"$Revision: 6589 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 11:35:35 -0400 (Mon, 12 Mar 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201203-12 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-libs/openssl\", unaffected: make_list(\"ge 1.0.0g\", \"rge 0.9.8t\"), vulnerable: make_list(\"lt 1.0.0g\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:19:43", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1589-2", "cvss3": {}, "published": "2012-12-18T00:00:00", "type": "openvas", "title": "Ubuntu Update for glibc USN-1589-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3480", "CVE-2012-3406"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841254", "href": "http://plugins.openvas.org/nasl.php?oid=841254", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1589_2.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for glibc USN-1589-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-1589-1 fixed vulnerabilities in the GNU C Library. One of the updates\n exposed a regression in the floating point parser. This update fixes the\n problem.\n\n We apologize for the inconvenience.\n \n Original advisory details:\n \n It was discovered that positional arguments to the printf() family\n of functions were not handled properly in the GNU C Library. An\n attacker could possibly use this to cause a stack-based buffer\n overflow, creating a denial of service or possibly execute arbitrary\n code. (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)\n It was discovered that multiple integer overflows existed in the\n strtod(), strtof() and strtold() functions in the GNU C Library. An\n attacker could possibly use this to trigger a stack-based buffer\n overflow, creating a denial of service or possibly execute arbitrary\n code. (CVE-2012-3480)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1589-2\";\ntag_affected = \"glibc on Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1589-2/\");\n script_id(841254);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-18 10:04:54 +0530 (Tue, 18 Dec 2012)\");\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\", \"CVE-2012-3480\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1589-2\");\n script_name(\"Ubuntu Update for glibc USN-1589-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.7-10ubuntu8.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:46", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1589-1", "cvss3": {}, "published": "2012-10-03T00:00:00", "type": "openvas", "title": "Ubuntu Update for eglibc USN-1589-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3480", "CVE-2012-3406"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841171", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841171", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1589_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for eglibc USN-1589-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1589-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841171\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 09:24:24 +0530 (Wed, 03 Oct 2012)\");\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\", \"CVE-2012-3480\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1589-1\");\n script_name(\"Ubuntu Update for eglibc USN-1589-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|12\\.04 LTS|11\\.10|11\\.04|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1589-1\");\n script_tag(name:\"affected\", value:\"eglibc on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 11.04,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that positional arguments to the printf() family\n of functions were not handled properly in the GNU C Library. An\n attacker could possibly use this to cause a stack-based buffer\n overflow, creating a denial of service or possibly execute arbitrary\n code. (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)\n\n It was discovered that multiple integer overflows existed in the\n strtod(), strtof() and strtold() functions in the GNU C Library. An\n attacker could possibly use this to trigger a stack-based buffer\n overflow, creating a denial of service or possibly execute arbitrary\n code. (CVE-2012-3480)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.11.1-0ubuntu7.11\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.15-0ubuntu10.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.13-20ubuntu5.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.13-0ubuntu13.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.7-10ubuntu8.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:15", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1589-2", "cvss3": {}, "published": "2012-12-18T00:00:00", "type": "openvas", "title": "Ubuntu Update for glibc USN-1589-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3480", "CVE-2012-3406"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841254", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841254", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1589_2.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for glibc USN-1589-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1589-2/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841254\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-18 10:04:54 +0530 (Tue, 18 Dec 2012)\");\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\", \"CVE-2012-3480\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1589-2\");\n script_name(\"Ubuntu Update for glibc USN-1589-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU8\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1589-2\");\n script_tag(name:\"affected\", value:\"glibc on Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"USN-1589-1 fixed vulnerabilities in the GNU C Library. One of the updates\n exposed a regression in the floating point parser. This update fixes the\n problem.\n\n We apologize for the inconvenience.\n\n Original advisory details:\n\n It was discovered that positional arguments to the printf() family\n of functions were not handled properly in the GNU C Library. An\n attacker could possibly use this to cause a stack-based buffer\n overflow, creating a denial of service or possibly execute arbitrary\n code. (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)\n It was discovered that multiple integer overflows existed in the\n strtod(), strtof() and strtold() functions in the GNU C Library. An\n attacker could possibly use this to trigger a stack-based buffer\n overflow, creating a denial of service or possibly execute arbitrary\n code. (CVE-2012-3480)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.7-10ubuntu8.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-04T11:20:23", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1589-1", "cvss3": {}, "published": "2012-10-03T00:00:00", "type": "openvas", "title": "Ubuntu Update for eglibc USN-1589-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3480", "CVE-2012-3406"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841171", "href": "http://plugins.openvas.org/nasl.php?oid=841171", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1589_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for eglibc USN-1589-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that positional arguments to the printf() family\n of functions were not handled properly in the GNU C Library. An\n attacker could possibly use this to cause a stack-based buffer\n overflow, creating a denial of service or possibly execute arbitrary\n code. (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)\n\n It was discovered that multiple integer overflows existed in the\n strtod(), strtof() and strtold() functions in the GNU C Library. An\n attacker could possibly use this to trigger a stack-based buffer\n overflow, creating a denial of service or possibly execute arbitrary\n code. (CVE-2012-3480)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1589-1\";\ntag_affected = \"eglibc on Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 11.04 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1589-1/\");\n script_id(841171);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 09:24:24 +0530 (Wed, 03 Oct 2012)\");\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\", \"CVE-2012-3480\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1589-1\");\n script_name(\"Ubuntu Update for eglibc USN-1589-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.11.1-0ubuntu7.11\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.15-0ubuntu10.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.13-20ubuntu5.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.13-0ubuntu13.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.7-10ubuntu8.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:46", "description": "Oracle Linux Local Security Checks ELSA-2012-0060", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0060", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4109"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122003", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122003", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0060.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122003\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:11:33 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0060\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0060 - openssl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0060\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0060.html\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~20.el5_7.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~20.el5_7.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~20.el5_7.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2012:0060 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4109"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881134", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881134", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2012:0060 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-January/018392.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881134\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:19:16 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2012:0060\");\n script_name(\"CentOS Update for openssl CESA-2012:0060 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that the Datagram Transport Layer Security (DTLS)\n protocol implementation in OpenSSL leaked timing information when\n performing certain operations. A remote attacker could possibly use this\n flaw to retrieve plain text from the encrypted packets by using a DTLS\n server as a padding oracle. (CVE-2011-4108)\n\n A double free flaw was discovered in the policy checking code in OpenSSL.\n A remote attacker could use this flaw to crash an application that uses\n OpenSSL by providing an X.509 certificate that has specially-crafted\n policy extension data. (CVE-2011-4109)\n\n An information leak flaw was found in the SSL 3.0 protocol implementation\n in OpenSSL. Incorrect initialization of SSL record padding bytes could\n cause an SSL client or server to send a limited amount of possibly\n sensitive data to its SSL peer via the encrypted connection.\n (CVE-2011-4576)\n\n It was discovered that OpenSSL did not limit the number of TLS/SSL\n handshake restarts required to support Server Gated Cryptography. A remote\n attacker could use this flaw to make a TLS/SSL server using OpenSSL consume\n an excessive amount of CPU by continuously restarting the handshake.\n (CVE-2011-4619)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the system\n rebooted.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~20.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~20.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~20.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-20T00:00:00", "type": "openvas", "title": "Mandriva Update for openssl MDVSA-2012:006 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4109"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831527", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831527", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssl MDVSA-2012:006 (openssl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:006\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831527\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-20 11:08:57 +0530 (Fri, 20 Jan 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"MDVSA\", value:\"2012:006\");\n script_name(\"Mandriva Update for openssl MDVSA-2012:006 (openssl)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5\\.2|2010\\.1)\");\n script_tag(name:\"affected\", value:\"openssl on Mandriva Enterprise Server 5.2,\n Mandriva Linux 2010.1\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been found and corrected in openssl:\n\n The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f\n performs a MAC check only if certain padding is valid, which makes\n it easier for remote attackers to recover plaintext via a padding\n oracle attack (CVE-2011-4108).\n\n Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when\n X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to\n have an unspecified impact by triggering failure of a policy check\n (CVE-2011-4109).\n\n The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before\n 1.0.0f does not properly initialize data structures for block cipher\n padding, which might allow remote attackers to obtain sensitive\n information by decrypting the padding data sent by an SSL peer\n (CVE-2011-4576).\n\n The Server Gated Cryptography (SGC) implementation in OpenSSL before\n 0.9.8s and 1.x before 1.0.0f does not properly handle handshake\n restarts, which allows remote attackers to cause a denial of service\n via unspecified vectors (CVE-2011-4619).\n\n The updated packages have been patched to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8s~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0\", rpm:\"libopenssl1.0.0~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-devel\", rpm:\"libopenssl1.0.0-devel~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-static-devel\", rpm:\"libopenssl1.0.0-static-devel~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-engines1.0.0\", rpm:\"libopenssl-engines1.0.0~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8s~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0\", rpm:\"lib64openssl1.0.0~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-devel\", rpm:\"lib64openssl1.0.0-devel~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-static-devel\", rpm:\"lib64openssl1.0.0-static-devel~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-engines1.0.0\", rpm:\"lib64openssl-engines1.0.0~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2012:0059 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881066", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881066", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2012:0059 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-January/018396.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881066\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 15:59:57 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"CESA\", value:\"2012:0059\");\n script_name(\"CentOS Update for openssl CESA-2012:0059 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that the Datagram Transport Layer Security (DTLS)\n protocol implementation in OpenSSL leaked timing information when\n performing certain operations. A remote attacker could possibly use this\n flaw to retrieve plain text from the encrypted packets by using a DTLS\n server as a padding oracle. (CVE-2011-4108)\n\n An information leak flaw was found in the SSL 3.0 protocol implementation\n in OpenSSL. Incorrect initialization of SSL record padding bytes could\n cause an SSL client or server to send a limited amount of possibly\n sensitive data to its SSL peer via the encrypted connection.\n (CVE-2011-4576)\n\n A denial of service flaw was found in the RFC 3779 implementation in\n OpenSSL. A remote attacker could use this flaw to make an application using\n OpenSSL exit unexpectedly by providing a specially-crafted X.509\n certificate that has malformed RFC 3779 extension data. (CVE-2011-4577)\n\n It was discovered that OpenSSL did not limit the number of TLS/SSL\n handshake restarts required to support Server Gated Cryptography. A remote\n attacker could use this flaw to make a TLS/SSL server using OpenSSL consume\n an excessive amount of CPU by continuously restarting the handshake.\n (CVE-2011-4619)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the system\n rebooted.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~20.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~20.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~20.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~20.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-02T10:57:29", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2012:0059-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:870668", "href": "http://plugins.openvas.org/nasl.php?oid=870668", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2012:0059-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that the Datagram Transport Layer Security (DTLS)\n protocol implementation in OpenSSL leaked timing information when\n performing certain operations. A remote attacker could possibly use this\n flaw to retrieve plain text from the encrypted packets by using a DTLS\n server as a padding oracle. (CVE-2011-4108)\n\n An information leak flaw was found in the SSL 3.0 protocol implementation\n in OpenSSL. Incorrect initialization of SSL record padding bytes could\n cause an SSL client or server to send a limited amount of possibly\n sensitive data to its SSL peer via the encrypted connection.\n (CVE-2011-4576)\n\n A denial of service flaw was found in the RFC 3779 implementation in\n OpenSSL. A remote attacker could use this flaw to make an application using\n OpenSSL exit unexpectedly by providing a specially-crafted X.509\n certificate that has malformed RFC 3779 extension data. (CVE-2011-4577)\n\n It was discovered that OpenSSL did not limit the number of TLS/SSL\n handshake restarts required to support Server Gated Cryptography. A remote\n attacker could use this flaw to make a TLS/SSL server using OpenSSL consume\n an excessive amount of CPU by continuously restarting the handshake.\n (CVE-2011-4619)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the system\n rebooted.\";\n\ntag_affected = \"openssl on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00021.html\");\n script_id(870668);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:44:57 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"RHSA\", value: \"2012:0059-01\");\n script_name(\"RedHat Update for openssl RHSA-2012:0059-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~20.el6_2.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.0~20.el6_2.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~20.el6_2.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2012-0232", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864019", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864019", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2012-0232\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071789.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864019\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:00:13 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-0232\");\n script_name(\"Fedora Update for openssl FEDORA-2012-0232\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0f~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:59", "description": "Oracle Linux Local Security Checks ELSA-2012-0059", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0059", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122006", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122006", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0059.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122006\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:11:35 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0059\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0059 - openssl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0059\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0059.html\");\n script_cve_id(\"CVE-2011-4577\", \"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~20.el6_2.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~20.el6_2.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~20.el6_2.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~20.el6_2.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2012:0059-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870668", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870668", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2012:0059-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00021.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870668\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:44:57 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"RHSA\", value:\"2012:0059-01\");\n script_name(\"RedHat Update for openssl RHSA-2012:0059-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that the Datagram Transport Layer Security (DTLS)\n protocol implementation in OpenSSL leaked timing information when\n performing certain operations. A remote attacker could possibly use this\n flaw to retrieve plain text from the encrypted packets by using a DTLS\n server as a padding oracle. (CVE-2011-4108)\n\n An information leak flaw was found in the SSL 3.0 protocol implementation\n in OpenSSL. Incorrect initialization of SSL record padding bytes could\n cause an SSL client or server to send a limited amount of possibly\n sensitive data to its SSL peer via the encrypted connection.\n (CVE-2011-4576)\n\n A denial of service flaw was found in the RFC 3779 implementation in\n OpenSSL. A remote attacker could use this flaw to make an application using\n OpenSSL exit unexpectedly by providing a specially-crafted X.509\n certificate that has malformed RFC 3779 extension data. (CVE-2011-4577)\n\n It was discovered that OpenSSL did not limit the number of TLS/SSL\n handshake restarts required to support Server Gated Cryptography. A remote\n attacker could use this flaw to make a TLS/SSL server using OpenSSL consume\n an excessive amount of CPU by continuously restarting the handshake.\n (CVE-2011-4619)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the system\n rebooted.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~20.el6_2.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.0~20.el6_2.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~20.el6_2.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-11T11:06:07", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2012:0059 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:881066", "href": "http://plugins.openvas.org/nasl.php?oid=881066", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2012:0059 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that the Datagram Transport Layer Security (DTLS)\n protocol implementation in OpenSSL leaked timing information when\n performing certain operations. A remote attacker could possibly use this\n flaw to retrieve plain text from the encrypted packets by using a DTLS\n server as a padding oracle. (CVE-2011-4108)\n \n An information leak flaw was found in the SSL 3.0 protocol implementation\n in OpenSSL. Incorrect initialization of SSL record padding bytes could\n cause an SSL client or server to send a limited amount of possibly\n sensitive data to its SSL peer via the encrypted connection.\n (CVE-2011-4576)\n \n A denial of service flaw was found in the RFC 3779 implementation in\n OpenSSL. A remote attacker could use this flaw to make an application using\n OpenSSL exit unexpectedly by providing a specially-crafted X.509\n certificate that has malformed RFC 3779 extension data. (CVE-2011-4577)\n \n It was discovered that OpenSSL did not limit the number of TLS/SSL\n handshake restarts required to support Server Gated Cryptography. A remote\n attacker could use this flaw to make a TLS/SSL server using OpenSSL consume\n an excessive amount of CPU by continuously restarting the handshake.\n (CVE-2011-4619)\n \n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the system\n rebooted.\";\n\ntag_affected = \"openssl on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-January/018396.html\");\n script_id(881066);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 15:59:57 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"CESA\", value: \"2012:0059\");\n script_name(\"CentOS Update for openssl CESA-2012:0059 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~20.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~20.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~20.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~20.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-08T12:56:26", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2012-01-20T00:00:00", "type": "openvas", "title": "Mandriva Update for openssl MDVSA-2012:006 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4109"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:831527", "href": "http://plugins.openvas.org/nasl.php?oid=831527", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssl MDVSA-2012:006 (openssl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in openssl:\n\n The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f\n performs a MAC check only if certain padding is valid, which makes\n it easier for remote attackers to recover plaintext via a padding\n oracle attack (CVE-2011-4108).\n\n Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when\n X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to\n have an unspecified impact by triggering failure of a policy check\n (CVE-2011-4109).\n\n The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before\n 1.0.0f does not properly initialize data structures for block cipher\n padding, which might allow remote attackers to obtain sensitive\n information by decrypting the padding data sent by an SSL peer\n (CVE-2011-4576).\n\n The Server Gated Cryptography (SGC) implementation in OpenSSL before\n 0.9.8s and 1.x before 1.0.0f does not properly handle handshake\n restarts, which allows remote attackers to cause a denial of service\n via unspecified vectors (CVE-2011-4619).\n\n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"openssl on Mandriva Enterprise Server 5.2,\n Mandriva Linux 2010.1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:006\");\n script_id(831527);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-20 11:08:57 +0530 (Fri, 20 Jan 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2012:006\");\n script_name(\"Mandriva Update for openssl MDVSA-2012:006 (openssl)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8h~3.12mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8s~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0\", rpm:\"libopenssl1.0.0~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-devel\", rpm:\"libopenssl1.0.0-devel~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-static-devel\", rpm:\"libopenssl1.0.0-static-devel~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-engines1.0.0\", rpm:\"libopenssl-engines1.0.0~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8s~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0\", rpm:\"lib64openssl1.0.0~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-devel\", rpm:\"lib64openssl1.0.0-devel~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-static-devel\", rpm:\"lib64openssl1.0.0-static-devel~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-engines1.0.0\", rpm:\"lib64openssl-engines1.0.0~1.0.0a~1.9mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:58:03", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2012:0060 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4109"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:881134", "href": "http://plugins.openvas.org/nasl.php?oid=881134", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2012:0060 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that the Datagram Transport Layer Security (DTLS)\n protocol implementation in OpenSSL leaked timing information when\n performing certain operations. A remote attacker could possibly use this\n flaw to retrieve plain text from the encrypted packets by using a DTLS\n server as a padding oracle. (CVE-2011-4108)\n \n A double free flaw was discovered in the policy checking code in OpenSSL.\n A remote attacker could use this flaw to crash an application that uses\n OpenSSL by providing an X.509 certificate that has specially-crafted\n policy extension data. (CVE-2011-4109)\n \n An information leak flaw was found in the SSL 3.0 protocol implementation\n in OpenSSL. Incorrect initialization of SSL record padding bytes could\n cause an SSL client or server to send a limited amount of possibly\n sensitive data to its SSL peer via the encrypted connection.\n (CVE-2011-4576)\n \n It was discovered that OpenSSL did not limit the number of TLS/SSL\n handshake restarts required to support Server Gated Cryptography. A remote\n attacker could use this flaw to make a TLS/SSL server using OpenSSL consume\n an excessive amount of CPU by continuously restarting the handshake.\n (CVE-2011-4619)\n \n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the system\n rebooted.\";\n\ntag_affected = \"openssl on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-January/018392.html\");\n script_id(881134);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:19:16 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:0060\");\n script_name(\"CentOS Update for openssl CESA-2012:0060 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~20.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~20.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~20.el5_7.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-03-17T23:03:18", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-38)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120204", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120204", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120204\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:20:04 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-38)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in OpenSSL. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update openssl to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-38.html\");\n script_cve_id(\"CVE-2011-4577\", \"CVE-2011-4576\", \"CVE-2011-4108\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0g~1.26.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0g~1.26.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0g~1.26.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.0g~1.26.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0g~1.26.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-02T10:57:35", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2012-0232", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:864019", "href": "http://plugins.openvas.org/nasl.php?oid=864019", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2012-0232\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 16\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071789.html\");\n script_id(864019);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:00:13 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-0232\");\n script_name(\"Fedora Update for openssl FEDORA-2012-0232\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0f~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-11T11:06:55", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2012-01-25T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2012:0060-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4109"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:870532", "href": "http://plugins.openvas.org/nasl.php?oid=870532", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2012:0060-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that the Datagram Transport Layer Security (DTLS)\n protocol implementation in OpenSSL leaked timing information when\n performing certain operations. A remote attacker could possibly use this\n flaw to retrieve plain text from the encrypted packets by using a DTLS\n server as a padding oracle. (CVE-2011-4108)\n\n A double free flaw was discovered in the policy checking code in OpenSSL.\n A remote attacker could use this flaw to crash an application that uses\n OpenSSL by providing an X.509 certificate that has specially-crafted\n policy extension data. (CVE-2011-4109)\n\n An information leak flaw was found in the SSL 3.0 protocol implementation\n in OpenSSL. Incorrect initialization of SSL record padding bytes could\n cause an SSL client or server to send a limited amount of possibly\n sensitive data to its SSL peer via the encrypted connection.\n (CVE-2011-4576)\n\n It was discovered that OpenSSL did not limit the number of TLS/SSL\n handshake restarts required to support Server Gated Cryptography. A remote\n attacker could use this flaw to make a TLS/SSL server using OpenSSL consume\n an excessive amount of CPU by continuously restarting the handshake.\n (CVE-2011-4619)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the system\n rebooted.\";\n\ntag_affected = \"openssl on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00022.html\");\n script_id(870532);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-25 11:14:40 +0530 (Wed, 25 Jan 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:0060-01\");\n script_name(\"RedHat Update for openssl RHSA-2012:0060-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~20.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8e~20.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~20.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~20.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-25T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2012:0060-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4109"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870532", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870532", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2012:0060-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00022.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870532\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-25 11:14:40 +0530 (Wed, 25 Jan 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:0060-01\");\n script_name(\"RedHat Update for openssl RHSA-2012:0060-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that the Datagram Transport Layer Security (DTLS)\n protocol implementation in OpenSSL leaked timing information when\n performing certain operations. A remote attacker could possibly use this\n flaw to retrieve plain text from the encrypted packets by using a DTLS\n server as a padding oracle. (CVE-2011-4108)\n\n A double free flaw was discovered in the policy checking code in OpenSSL.\n A remote attacker could use this flaw to crash an application that uses\n OpenSSL by providing an X.509 certificate that has specially-crafted\n policy extension data. (CVE-2011-4109)\n\n An information leak flaw was found in the SSL 3.0 protocol implementation\n in OpenSSL. Incorrect initialization of SSL record padding bytes could\n cause an SSL client or server to send a limited amount of possibly\n sensitive data to its SSL peer via the encrypted connection.\n (CVE-2011-4576)\n\n It was discovered that OpenSSL did not limit the number of TLS/SSL\n handshake restarts required to support Server Gated Cryptography. A remote\n attacker could use this flaw to make a TLS/SSL server using OpenSSL consume\n an excessive amount of CPU by continuously restarting the handshake.\n (CVE-2011-4619)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the system\n rebooted.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~20.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8e~20.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~20.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~20.el5_7.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-25T12:22:17", "description": "OpenSSL prone to multiple security vulnerabilities.", "cvss3": {}, "published": "2012-01-20T00:00:00", "type": "openvas", "title": "OpenSSL Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027", "CVE-2011-4109"], "modified": "2019-07-24T00:00:00", "id": "OPENVAS:1361412562310103394", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103394", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# OpenSSL Multiple Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103394\");\n script_bugtraq_id(51281);\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0027\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_version(\"2019-07-24T08:39:52+0000\");\n\n script_name(\"OpenSSL Multiple Vulnerabilities\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/51281\");\n script_xref(name:\"URL\", value:\"http://www.openssl.org/news/secadv_20120104.txt\");\n\n script_tag(name:\"last_modification\", value:\"2019-07-24 08:39:52 +0000 (Wed, 24 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-01-20 11:28:16 +0100 (Fri, 20 Jan 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_lin.nasl\", \"gb_openssl_detect_win.nasl\");\n script_mandatory_keys(\"openssl/detected\");\n\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"OpenSSL prone to multiple security vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"An attacker may leverage these issues to obtain sensitive information,\n cause a denial-of-service condition and perform unauthorized actions.\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^1\\.0\\.\" && version_is_less(version:vers, test_version:\"1.0.0f\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"1.0.0f\", install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nif(vers =~ \"^0\\.9\\.\" && version_is_less(version:vers, test_version:\"0.9.8s\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"0.9.8s\", install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:12", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "FreeBSD Ports: openssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027", "CVE-2011-4109"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231070756", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070756", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_openssl6.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 78cc8a46-3e56-11e1-89b4-001ec9578670\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70756\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0027\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 07:27:20 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"FreeBSD Ports: openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: openssl\n\nCVE-2011-4108\nThe DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f\nperforms a MAC check only if certain padding is valid, which makes it\neasier for remote attackers to recover plaintext via a padding oracle\nattack.\n\nCVE-2011-4109\nDouble free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when\nX509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have\nan unspecified impact by triggering failure of a policy check.\n\nCVE-2011-4576\nThe SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before\n1.0.0f does not properly initialize data structures for block cipher\npadding, which might allow remote attackers to obtain sensitive\ninformation by decrypting the padding data sent by an SSL peer.\n\nCVE-2011-4577\nOpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is\nenabled, allows remote attackers to cause a denial of service\n(assertion failure) via an X.509 certificate containing\ncertificate-extension data associated with (1) IP address blocks or\n(2) Autonomous System (AS) identifiers.\n\nCVE-2011-4619\nThe Server Gated Cryptography (SGC) implementation in OpenSSL before\n0.9.8s and 1.x before 1.0.0f does not properly handle handshake\nrestarts, which allows remote attackers to cause a denial of service\nvia unspecified vectors.\n\nCVE-2012-0027\nThe GOST ENGINE in OpenSSL before 1.0.0f does not properly handle\ninvalid parameters for the GOST block cipher, which allows remote\nattackers to cause a denial of service (daemon crash) via crafted data\nfrom a TLS client.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://openssl.org/news/secadv_20120104.txt\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/78cc8a46-3e56-11e1-89b4-001ec9578670.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"openssl\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0.0_8\")<0) {\n txt += 'Package openssl version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:10:42", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "FreeBSD Ports: openssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027", "CVE-2011-4109"], "modified": "2017-04-12T00:00:00", "id": "OPENVAS:70756", "href": "http://plugins.openvas.org/nasl.php?oid=70756", "sourceData": "#\n#VID 78cc8a46-3e56-11e1-89b4-001ec9578670\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 78cc8a46-3e56-11e1-89b4-001ec9578670\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: openssl\n\nCVE-2011-4108\nThe DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f\nperforms a MAC check only if certain padding is valid, which makes it\neasier for remote attackers to recover plaintext via a padding oracle\nattack.\n\nCVE-2011-4109\nDouble free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when\nX509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have\nan unspecified impact by triggering failure of a policy check.\n\nCVE-2011-4576\nThe SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before\n1.0.0f does not properly initialize data structures for block cipher\npadding, which might allow remote attackers to obtain sensitive\ninformation by decrypting the padding data sent by an SSL peer.\n\nCVE-2011-4577\nOpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is\nenabled, allows remote attackers to cause a denial of service\n(assertion failure) via an X.509 certificate containing\ncertificate-extension data associated with (1) IP address blocks or\n(2) Autonomous System (AS) identifiers.\n\nCVE-2011-4619\nThe Server Gated Cryptography (SGC) implementation in OpenSSL before\n0.9.8s and 1.x before 1.0.0f does not properly handle handshake\nrestarts, which allows remote attackers to cause a denial of service\nvia unspecified vectors.\n\nCVE-2012-0027\nThe GOST ENGINE in OpenSSL before 1.0.0f does not properly handle\ninvalid parameters for the GOST block cipher, which allows remote\nattackers to cause a denial of service (daemon crash) via crafted data\nfrom a TLS client.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://openssl.org/news/secadv_20120104.txt\nhttp://www.vuxml.org/freebsd/78cc8a46-3e56-11e1-89b4-001ec9578670.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(70756);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0027\");\n script_version(\"$Revision: 5940 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-12 11:02:05 +0200 (Wed, 12 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 07:27:20 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"FreeBSD Ports: openssl\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"openssl\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0.0_8\")<0) {\n txt += 'Package openssl version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-19T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2012:1098-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870794", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870794", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2012:1098-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-July/msg00020.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870794\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-19 10:29:44 +0530 (Thu, 19 Jul 2012)\");\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:1098-01\");\n script_name(\"RedHat Update for glibc RHSA-2012:1098-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"glibc on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages provide the standard C and standard math libraries used\n by multiple programs on the system. Without these libraries, the Linux\n system cannot function properly.\n\n Multiple errors in glibc's formatted printing functionality could allow an\n attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code\n using a format string flaw in an application, even though these protections\n are expected to limit the impact of such flaws to an application abort.\n (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)\n\n This update also fixes the following bug:\n\n * A programming error caused an internal array of nameservers to be only\n partially initialized when the /etc/resolv.conf file contained IPv6\n nameservers. Depending on the contents of a nearby structure, this could\n cause certain applications to terminate unexpectedly with a segmentation\n fault. The programming error has been fixed, which restores proper behavior\n with IPv6 nameservers listed in the /etc/resolv.conf file. (BZ#837026)\n\n All users of glibc are advised to upgrade to these updated packages, which\n contain backported patches to fix these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-11T11:07:49", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-07-19T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2012:1098-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:870794", "href": "http://plugins.openvas.org/nasl.php?oid=870794", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2012:1098-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages provide the standard C and standard math libraries used\n by multiple programs on the system. Without these libraries, the Linux\n system cannot function properly.\n\n Multiple errors in glibc's formatted printing functionality could allow an\n attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code\n using a format string flaw in an application, even though these protections\n are expected to limit the impact of such flaws to an application abort.\n (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)\n\n This update also fixes the following bug:\n\n * A programming error caused an internal array of nameservers to be only\n partially initialized when the /etc/resolv.conf file contained IPv6\n nameservers. Depending on the contents of a nearby structure, this could\n cause certain applications to terminate unexpectedly with a segmentation\n fault. The programming error has been fixed, which restores proper behavior\n with IPv6 nameservers listed in the /etc/resolv.conf file. (BZ#837026)\n\n All users of glibc are advised to upgrade to these updated packages, which\n contain backported patches to fix these issues.\";\n\ntag_affected = \"glibc on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-July/msg00020.html\");\n script_id(870794);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-19 10:29:44 +0530 (Thu, 19 Jul 2012)\");\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:1098-01\");\n script_name(\"RedHat Update for glibc RHSA-2012:1098-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.80.el6_3.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:1098 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881067", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881067", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2012:1098 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-July/018753.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881067\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:00:11 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1098\");\n script_name(\"CentOS Update for glibc CESA-2012:1098 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"glibc on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages provide the standard C and standard math libraries used\n by multiple programs on the system. Without these libraries, the Linux\n system cannot function properly.\n\n Multiple errors in glibc's formatted printing functionality could allow an\n attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code\n using a format string flaw in an application, even though these protections\n are expected to limit the impact of such flaws to an application abort.\n (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)\n\n This update also fixes the following bug:\n\n * A programming error caused an internal array of nameservers to be only\n partially initialized when the /etc/resolv.conf file contained IPv6\n nameservers. Depending on the contents of a nearby structure, this could\n cause certain applications to terminate unexpectedly with a segmentation\n fault. The programming error has been fixed, which restores proper behavior\n with IPv6 nameservers listed in the /etc/resolv.conf file. (BZ#837026)\n\n All users of glibc are advised to upgrade to these updated packages, which\n contain backported patches to fix these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:16", "description": "Oracle Linux Local Security Checks ELSA-2012-1098", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1098", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123858", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123858", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1098.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123858\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:09:30 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1098\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1098 - glibc security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1098\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1098.html\");\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.80.el6_3.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.80.el6_3.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.80.el6_3.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.80.el6_3.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.80.el6_3.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.80.el6_3.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.80.el6_3.3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-03T10:58:10", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:1098 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:881067", "href": "http://plugins.openvas.org/nasl.php?oid=881067", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2012:1098 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages provide the standard C and standard math libraries used\n by multiple programs on the system. Without these libraries, the Linux\n system cannot function properly.\n\n Multiple errors in glibc's formatted printing functionality could allow an\n attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code\n using a format string flaw in an application, even though these protections\n are expected to limit the impact of such flaws to an application abort.\n (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)\n \n This update also fixes the following bug:\n \n * A programming error caused an internal array of nameservers to be only\n partially initialized when the /etc/resolv.conf file contained IPv6\n nameservers. Depending on the contents of a nearby structure, this could\n cause certain applications to terminate unexpectedly with a segmentation\n fault. The programming error has been fixed, which restores proper behavior\n with IPv6 nameservers listed in the /etc/resolv.conf file. (BZ#837026)\n \n All users of glibc are advised to upgrade to these updated packages, which\n contain backported patches to fix these issues.\";\n\ntag_affected = \"glibc on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-July/018753.html\");\n script_id(881067);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:00:11 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1098\");\n script_name(\"CentOS Update for glibc CESA-2012:1098 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.80.el6_3.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:03:03", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-109)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120262", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120262", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120262\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:21:52 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-109)\");\n script_tag(name:\"insight\", value:\"Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort.\");\n script_tag(name:\"solution\", value:\"Run yum update glibc to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-109.html\");\n script_cve_id(\"CVE-2012-3406\", \"CVE-2012-3405\", \"CVE-2012-3404\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.80.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.12~1.80.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.80.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.80.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.80.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.80.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.80.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.80.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.80.40.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-16T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2012-0250", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2011-3207"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863683", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863683", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2012-0250\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071944.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863683\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-16 19:02:54 +0530 (Mon, 16 Jan 2012)\");\n script_cve_id(\"CVE-2011-3207\", \"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2012-0250\");\n script_name(\"Fedora Update for openssl FEDORA-2012-0250\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0f~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-31T18:42:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-02T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl (openSUSE-SU-2012:0083-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850181", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850181", "sourceData": "# Copyright (C) 2012 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850181\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-08-02 20:17:50 +0530 (Thu, 02 Aug 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0027\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"openSUSE-SU\", value:\"2012:0083-1\");\n script_name(\"openSUSE: Security Advisory for openssl (openSUSE-SU-2012:0083-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE11\\.4|openSUSE11\\.3)\");\n\n script_tag(name:\"affected\", value:\"openssl on openSUSE 11.4, openSUSE 11.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"insight\", value:\"Various security vulnerabilities have been fixed in openssl:\n\n - DTLS plaintext recovery attack (CVE-2011-4108)\n\n - uninitialized SSL 3.0 padding (CVE-2011-4576)\n\n - malformed RFC 3779 data can cause assertion failures\n (CVE-2011-4577)\n\n - SGC restart DoS attack (CVE-2011-4619)\n\n - invalid GOST parameters DoS attack (CVE-2012-0027)\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE11.4\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.0c~18.23.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.0c~18.23.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0c~18.23.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.0c~18.23.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.0c~18.23.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSE11.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.0~6.13.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.0~6.13.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~6.13.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.0~6.13.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.0~6.13.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-11T11:07:33", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2012-08-03T00:00:00", "type": "openvas", "title": "Mandriva Update for openssl MDVSA-2012:007 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2012-0027", "CVE-2011-4109"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:831679", "href": "http://plugins.openvas.org/nasl.php?oid=831679", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssl MDVSA-2012:007 (openssl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in openssl:\n\n The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f\n performs a MAC check only if certain padding is valid, which makes\n it easier for remote attackers to recover plaintext via a padding\n oracle attack (CVE-2011-4108).\n\n Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when\n X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to\n have an unspecified impact by triggering failure of a policy check\n (CVE-2011-4109).\n\n The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before\n 1.0.0f does not properly initialize data structures for block cipher\n padding, which might allow remote attackers to obtain sensitive\n information by decrypting the padding data sent by an SSL peer\n (CVE-2011-4576).\n\n The Server Gated Cryptography (SGC) implementation in OpenSSL before\n 0.9.8s and 1.x before 1.0.0f does not properly handle handshake\n restarts, which allows remote attackers to cause a denial of service\n via unspecified vectors (CVE-2011-4619).\n\n The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle\n invalid parameters for the GOST block cipher, which allows remote\n attackers to cause a denial of service (daemon crash) via crafted\n data from a TLS client (CVE-2012-0027).\n\n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"openssl on Mandriva Linux 2011.0\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:007\");\n script_id(831679);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-03 10:01:30 +0530 (Fri, 03 Aug 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\",\n \"CVE-2011-4619\", \"CVE-2012-0027\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2012:007\");\n script_name(\"Mandriva Update for openssl MDVSA-2012:007 (openssl)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0\", rpm:\"libopenssl1.0.0~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-engines1.0.0\", rpm:\"libopenssl-engines1.0.0~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-static-devel\", rpm:\"libopenssl-static-devel~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0\", rpm:\"lib64openssl1.0.0~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-devel\", rpm:\"lib64openssl-devel~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-engines1.0.0\", rpm:\"lib64openssl-engines1.0.0~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-static-devel\", rpm:\"lib64openssl-static-devel~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:55", "description": "The remote host is missing an update to openssl\nannounced via advisory DSA 2390-1.", "cvss3": {}, "published": "2012-02-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2390-1 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4354", "CVE-2011-4109"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70708", "href": "http://plugins.openvas.org/nasl.php?oid=70708", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2390_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2390-1 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities were discovered in OpenSSL, an implementation\nof TLS and related protocols. The Common Vulnerabilities and\nExposures project identifies the following vulnerabilities:\n\nCVE-2011-4108\nThe DTLS implementation performs a MAC check only if certain\npadding is valid, which makes it easier for remote attackers\nto recover plaintext via a padding oracle attack.\n\nCVE-2011-4109\nA double free vulnerability when X509_V_FLAG_POLICY_CHECK is\nenabled, allows remote attackers to cause applications crashes\nand potentially allow execution of arbitrary code by\ntriggering failure of a policy check.\n\nCVE-2011-4354\nOn 32-bit systems, the operations on NIST elliptic curves\nP-256 and P-384 are not correctly implemented, potentially\nleaking the private ECC key of a TLS server. (Regular\nRSA-based keys are not affected by this vulnerability.)\n\nCVE-2011-4576\nThe SSL 3.0 implementation does not properly initialize data\nstructures for block cipher padding, which might allow remote\nattackers to obtain sensitive information by decrypting the\npadding data sent by an SSL peer.\n\nCVE-2011-4619\nThe Server Gated Cryptography (SGC) implementation in OpenSSL\ndoes not properly handle handshake restarts, unnecessarily\nsimplifying CPU exhaustion attacks.\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 0.9.8g-15+lenny15.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.9.8o-4squeeze5.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 1.0.0f-1.\n\nWe recommend that you upgrade your openssl packages.\";\ntag_summary = \"The remote host is missing an update to openssl\nannounced via advisory DSA 2390-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202390-1\";\n\nif(description)\n{\n script_id(70708);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4354\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-11 03:28:14 -0500 (Sat, 11 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2390-1 (openssl)\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-15+lenny13\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.0g-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.0g-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.0g-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.0g-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.0g-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.0g-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-03T00:00:00", "type": "openvas", "title": "Mandriva Update for openssl MDVSA-2012:007 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2012-0027", "CVE-2011-4109"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831679", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831679", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssl MDVSA-2012:007 (openssl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:007\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831679\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-03 10:01:30 +0530 (Fri, 03 Aug 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\",\n \"CVE-2011-4619\", \"CVE-2012-0027\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"MDVSA\", value:\"2012:007\");\n script_name(\"Mandriva Update for openssl MDVSA-2012:007 (openssl)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_2011\\.0\");\n script_tag(name:\"affected\", value:\"openssl on Mandriva Linux 2011.0\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been found and corrected in openssl:\n\n The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f\n performs a MAC check only if certain padding is valid, which makes\n it easier for remote attackers to recover plaintext via a padding\n oracle attack (CVE-2011-4108).\n\n Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when\n X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to\n have an unspecified impact by triggering failure of a policy check\n (CVE-2011-4109).\n\n The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before\n 1.0.0f does not properly initialize data structures for block cipher\n padding, which might allow remote attackers to obtain sensitive\n information by decrypting the padding data sent by an SSL peer\n (CVE-2011-4576).\n\n The Server Gated Cryptography (SGC) implementation in OpenSSL before\n 0.9.8s and 1.x before 1.0.0f does not properly handle handshake\n restarts, which allows remote attackers to cause a denial of service\n via unspecified vectors (CVE-2011-4619).\n\n The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle\n invalid parameters for the GOST block cipher, which allows remote\n attackers to cause a denial of service (daemon crash) via crafted\n data from a TLS client (CVE-2012-0027).\n\n The updated packages have been patched to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0\", rpm:\"libopenssl1.0.0~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-engines1.0.0\", rpm:\"libopenssl-engines1.0.0~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-static-devel\", rpm:\"libopenssl-static-devel~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0\", rpm:\"lib64openssl1.0.0~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-devel\", rpm:\"lib64openssl-devel~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-engines1.0.0\", rpm:\"lib64openssl-engines1.0.0~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-static-devel\", rpm:\"lib64openssl-static-devel~1.0.0d~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:15", "description": "The remote host is missing an update to openssl\nannounced via advisory DSA 2390-1.", "cvss3": {}, "published": "2012-02-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2390-1 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4354", "CVE-2011-4109"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231070708", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070708", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2390_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2390-1 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70708\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4354\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-11 03:28:14 -0500 (Sat, 11 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2390-1 (openssl)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202390-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in OpenSSL, an implementation\nof TLS and related protocols. The Common Vulnerabilities and\nExposures project identifies the following vulnerabilities:\n\nCVE-2011-4108\nThe DTLS implementation performs a MAC check only if certain\npadding is valid, which makes it easier for remote attackers\nto recover plaintext via a padding oracle attack.\n\nCVE-2011-4109\nA double free vulnerability when X509_V_FLAG_POLICY_CHECK is\nenabled, allows remote attackers to cause applications crashes\nand potentially allow execution of arbitrary code by\ntriggering failure of a policy check.\n\nCVE-2011-4354\nOn 32-bit systems, the operations on NIST elliptic curves\nP-256 and P-384 are not correctly implemented, potentially\nleaking the private ECC key of a TLS server. (Regular\nRSA-based keys are not affected by this vulnerability.)\n\nCVE-2011-4576\nThe SSL 3.0 implementation does not properly initialize data\nstructures for block cipher padding, which might allow remote\nattackers to obtain sensitive information by decrypting the\npadding data sent by an SSL peer.\n\nCVE-2011-4619\nThe Server Gated Cryptography (SGC) implementation in OpenSSL\ndoes not properly handle handshake restarts, unnecessarily\nsimplifying CPU exhaustion attacks.\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 0.9.8g-15+lenny15.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.9.8o-4squeeze5.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 1.0.0f-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your openssl packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to openssl\nannounced via advisory DSA 2390-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-15+lenny13\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.0g-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.0g-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.0g-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.0g-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.0g-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.0g-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:57:10", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2012-08-02T00:00:00", "type": "openvas", "title": "SuSE Update for openssl openSUSE-SU-2012:0083-1 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:850181", "href": "http://plugins.openvas.org/nasl.php?oid=850181", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2012_0083_1.nasl 8249 2017-12-27 06:29:56Z teissa $\n#\n# SuSE Update for openssl openSUSE-SU-2012:0083-1 (openssl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Various security vulnerabilities have been fixed in openssl:\n\n - DTLS plaintext recovery attack (CVE-2011-4108)\n - uninitialized SSL 3.0 padding (CVE-2011-4576)\n - malformed RFC 3779 data can cause assertion failures\n (CVE-2011-4577)\n - SGC restart DoS attack (CVE-2011-4619)\n - invalid GOST parameters DoS attack (CVE-2012-0027)\";\n\ntag_affected = \"openssl on openSUSE 11.4, openSUSE 11.3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850181);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-02 20:17:50 +0530 (Thu, 02 Aug 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0027\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"openSUSE-SU\", value: \"2012:0083_1\");\n script_name(\"SuSE Update for openssl openSUSE-SU-2012:0083-1 (openssl)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.4\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.0c~18.23.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.0c~18.23.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0c~18.23.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.0c~18.23.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.0c~18.23.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE11.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.0~6.13.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.0~6.13.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~6.13.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.0~6.13.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.0~6.13.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-03T10:56:57", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2012-01-16T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2012-0250", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2011-3207"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:863683", "href": "http://plugins.openvas.org/nasl.php?oid=863683", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2012-0250\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 15\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071944.html\");\n script_id(863683);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-16 19:02:54 +0530 (Mon, 16 Jan 2012)\");\n script_cve_id(\"CVE-2011-3207\", \"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2012-0250\");\n script_name(\"Fedora Update for openssl FEDORA-2012-0250\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0f~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-12-04T11:21:15", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1357-1", "cvss3": {}, "published": "2012-02-13T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-1357-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3210", "CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2011-4354", "CVE-2012-0027", "CVE-2012-0050", "CVE-2011-4109", "CVE-2011-1945"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840887", "href": "http://plugins.openvas.org/nasl.php?oid=840887", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1357_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for openssl USN-1357-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the elliptic curve cryptography (ECC) subsystem\n in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm\n (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement\n curves over binary fields. This could allow an attacker to determine\n private keys via a timing attack. This issue only affected Ubuntu 8.04\n LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1945)\n\n Adam Langley discovered that the ephemeral Elliptic Curve\n Diffie-Hellman (ECDH) functionality in OpenSSL did not ensure thread\n safety while processing handshake messages from clients. This\n could allow a remote attacker to cause a denial of service via\n out-of-order messages that violate the TLS protocol. This issue only\n affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu\n 11.04. (CVE-2011-3210)\n\n Nadhem Alfardan and Kenny Paterson discovered that the Datagram\n Transport Layer Security (DTLS) implementation in OpenSSL performed a\n MAC check only if certain padding is valid. This could allow a remote\n attacker to recover plaintext. (CVE-2011-4108)\n\n Antonio Martin discovered that a flaw existed in the fix to address\n CVE-2011-4108, the DTLS MAC check failure. This could allow a remote\n attacker to cause a denial of service. (CVE-2012-0050)\n\n Ben Laurie discovered a double free vulnerability in OpenSSL that could\n be triggered when the X509_V_FLAG_POLICY_CHECK flag is enabled. This\n could allow a remote attacker to cause a denial of service. This\n issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10\n and Ubuntu 11.04. (CVE-2011-4109)\n\n It was discovered that OpenSSL, in certain circumstances involving\n ECDH or ECDHE cipher suites, used an incorrect modular reduction\n algorithm in its implementation of the P-256 and P-384 NIST elliptic\n curves. This could allow a remote attacker to obtain the private\n key of a TLS server via multiple handshake attempts. This issue only\n affected Ubuntu 8.04 LTS. (CVE-2011-4354)\n\n Adam Langley discovered that the SSL 3.0 implementation in OpenSSL\n did not properly initialize data structures for block cipher\n padding. This could allow a remote attacker to obtain sensitive\n information. (CVE-2011-4576)\n\n Andrew Chi discovered that OpenSSL, when RFC 3779 support is enabled,\n could trigger an assert when handling an X.509 certificate containing\n certificate-extension data associated with IP address blocks or\n Autonomous System (AS) identifiers. This could allow a remote attacker\n to cause a denial of servi ...\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1357-1\";\ntag_affected = \"openssl on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1357-1/\");\n script_id(840887);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-13 16:29:45 +0530 (Mon, 13 Feb 2012)\");\n script_cve_id(\"CVE-2011-1945\", \"CVE-2011-3210\", \"CVE-2011-4108\", \"CVE-2012-0050\",\n \"CVE-2011-4109\", \"CVE-2011-4354\", \"CVE-2011-4576\", \"CVE-2011-4577\",\n \"CVE-2011-4619\", \"CVE-2012-0027\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1357-1\");\n script_name(\"Ubuntu Update for openssl USN-1357-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-1ubuntu4.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-1ubuntu4.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8k-7ubuntu8.8\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8k-7ubuntu8.8\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-5ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-5ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-4ubuntu3.15\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-4ubuntu3.15\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:45", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1357-1", "cvss3": {}, "published": "2012-02-13T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-1357-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3210", "CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2011-4354", "CVE-2012-0027", "CVE-2012-0050", "CVE-2011-4109", "CVE-2011-1945"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840887", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840887", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1357_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for openssl USN-1357-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1357-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840887\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-13 16:29:45 +0530 (Mon, 13 Feb 2012)\");\n script_cve_id(\"CVE-2011-1945\", \"CVE-2011-3210\", \"CVE-2011-4108\", \"CVE-2012-0050\",\n \"CVE-2011-4109\", \"CVE-2011-4354\", \"CVE-2011-4576\", \"CVE-2011-4577\",\n \"CVE-2011-4619\", \"CVE-2012-0027\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1357-1\");\n script_name(\"Ubuntu Update for openssl USN-1357-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1357-1\");\n script_tag(name:\"affected\", value:\"openssl on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that the elliptic curve cryptography (ECC) subsystem\n in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm\n (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement\n curves over binary fields. This could allow an attacker to determine\n private keys via a timing attack. This issue only affected Ubuntu 8.04\n LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1945)\n\n Adam Langley discovered that the ephemeral Elliptic Curve\n Diffie-Hellman (ECDH) functionality in OpenSSL did not ensure thread\n safety while processing handshake messages from clients. This\n could allow a remote attacker to cause a denial of service via\n out-of-order messages that violate the TLS protocol. This issue only\n affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu\n 11.04. (CVE-2011-3210)\n\n Nadhem Alfardan and Kenny Paterson discovered that the Datagram\n Transport Layer Security (DTLS) implementation in OpenSSL performed a\n MAC check only if certain padding is valid. This could allow a remote\n attacker to recover plaintext. (CVE-2011-4108)\n\n Antonio Martin discovered that a flaw existed in the fix to address\n CVE-2011-4108, the DTLS MAC check failure. This could allow a remote\n attacker to cause a denial of service. (CVE-2012-0050)\n\n Ben Laurie discovered a double free vulnerability in OpenSSL that could\n be triggered when the X509_V_FLAG_POLICY_CHECK flag is enabled. This\n could allow a remote attacker to cause a denial of service. This\n issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10\n and Ubuntu 11.04. (CVE-2011-4109)\n\n It was discovered that OpenSSL, in certain circumstances involving\n ECDH or ECDHE cipher suites, used an incorrect modular reduction\n algorithm in its implementation of the P-256 and P-384 NIST elliptic\n curves. This could allow a remote attacker to obtain the private\n key of a TLS server via multiple handshake attempts. This issue only\n affected Ubuntu 8.04 LTS. (CVE-2011-4354)\n\n Adam Langley discovered that the SSL 3.0 implementation in OpenSSL\n did not properly initialize data structures for block cipher\n padding. This could allow a remote attacker to obtain sensitive\n information. (CVE-2011-4576)\n\n Andrew Chi discovered that OpenSSL, when RFC 3779 support is enabled,\n could trigger an assert when handling an X.509 certificate containing\n certificate-extension data associated with IP address blocks or\n Autonomous System (AS) identifiers. This could allow a remote attacker\n to cause a denial of servi ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-1ubuntu4.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-1ubuntu4.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8k-7ubuntu8.8\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8k-7ubuntu8.8\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-5ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-5ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-4ubuntu3.15\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-4ubuntu3.15\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:57:24", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:0125 centos4 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2010-0296", "CVE-2011-1659", "CVE-2010-0830", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:881217", "href": "http://plugins.openvas.org/nasl.php?oid=881217", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2012:0125 centos4 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n \n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n \n It was discovered that the glibc addmntent() function, used by various\n mount helper utilities, did not sanitize its input properly. A local\n attacker could possibly use this flaw to inject malformed lines into the\n mtab (mounted file systems table) file via certain setuid mount helpers, if\n the attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n \n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library loaded ELF (Executable and Linking\n Format) files. If a carefully-crafted ELF file was loaded by an\n application linked against glibc, it could cause the application to crash\n or, potentially, execute arbitrary code with the privileges of the user\n running the application. (CVE-2010-0830)\n \n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n \n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n \n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment variables in the environment of a script that\n performed shell evaluation on the output of the locale command, ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"glibc on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-February/018427.html\");\n script_id(881217);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:48:09 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0296\", \"CVE-2010-0830\",\n \"CVE-2011-1071\", \"CVE-2011-1089\", \"CVE-2011-1095\", \"CVE-2011-1659\",\n \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:0125\");\n script_name(\"CentOS Update for glibc CESA-2012:0125 centos4 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nptl-devel\", rpm:\"nptl-devel~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:58:07", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-02-21T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2012:0125-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2010-0296", "CVE-2011-1659", "CVE-2010-0830", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:870545", "href": "http://plugins.openvas.org/nasl.php?oid=870545", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2012:0125-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n\n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n\n It was discovered that the glibc addmntent() function, used by various\n mount helper utilities, did not sanitize its input properly. A local\n attacker could possibly use this flaw to inject malformed lines into the\n mtab (mounted file systems table) file via certain setuid mount helpers, if\n the attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library loaded ELF (Executable and Linking\n Format) files. If a carefully-crafted ELF file was loaded by an\n application linked against glibc, it could cause the application to crash\n or, potentially, execute arbitrary code with the privileges of the user\n running the application. (CVE-2010-0830)\n\n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n\n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n\n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment ...\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"glibc on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00026.html\");\n script_id(870545);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:55:19 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0296\", \"CVE-2010-0830\",\n \"CVE-2011-1071\", \"CVE-2011-1089\", \"CVE-2011-1095\", \"CVE-2011-1659\",\n \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:0125-01\");\n script_name(\"RedHat Update for glibc RHSA-2012:0125-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nptl-devel\", rpm:\"nptl-devel~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:0125 centos4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2010-0296", "CVE-2011-1659", "CVE-2010-0830", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881217", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881217", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2012:0125 centos4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-February/018427.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881217\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:48:09 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0296\", \"CVE-2010-0830\",\n \"CVE-2011-1071\", \"CVE-2011-1089\", \"CVE-2011-1095\", \"CVE-2011-1659\",\n \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2012:0125\");\n script_name(\"CentOS Update for glibc CESA-2012:0125 centos4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"glibc on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n\n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n\n It was discovered that the glibc addmntent() function, used by various\n mount helper utilities, did not sanitize its input properly. A local\n attacker could possibly use this flaw to inject malformed lines into the\n mtab (mounted file systems table) file via certain setuid mount helpers, if\n the attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library loaded ELF (Executable and Linking\n Format) files. If a carefully-crafted ELF file was loaded by an\n application linked against glibc, it could cause the application to crash\n or, potentially, execute arbitrary code with the privileges of the user\n running the application. (CVE-2010-0830)\n\n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n\n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n\n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment variables in the environment of a script that\n performed shell evaluation on the output of the locale command, ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nptl-devel\", rpm:\"nptl-devel~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-02-21T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2012:0125-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2010-0296", "CVE-2011-1659", "CVE-2010-0830", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870545", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870545", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2012:0125-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00026.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870545\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:55:19 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0296\", \"CVE-2010-0830\",\n \"CVE-2011-1071\", \"CVE-2011-1089\", \"CVE-2011-1095\", \"CVE-2011-1659\",\n \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:0125-01\");\n script_name(\"RedHat Update for glibc RHSA-2012:0125-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_4\");\n script_tag(name:\"affected\", value:\"glibc on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n\n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n\n It was discovered that the glibc addmntent() function, used by various\n mount helper utilities, did not sanitize its input properly. A local\n attacker could possibly use this flaw to inject malformed lines into the\n mtab (mounted file systems table) file via certain setuid mount helpers, if\n the attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library loaded ELF (Executable and Linking\n Format) files. If a carefully-crafted ELF file was loaded by an\n application linked against glibc, it could cause the application to crash\n or, potentially, execute arbitrary code with the privileges of the user\n running the application. (CVE-2010-0830)\n\n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n\n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n\n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nptl-devel\", rpm:\"nptl-devel~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for glibc FEDORA-2012-11508", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3405", "CVE-2012-3406"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864623", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864623", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for glibc FEDORA-2012-11508\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085125.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864623\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:20:46 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-3405\", \"CVE-2012-3406\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-11508\");\n script_name(\"Fedora Update for glibc FEDORA-2012-11508\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"glibc on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.15~54.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2011:1526-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1089", "CVE-2009-5064"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870629", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870629", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2011:1526-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-December/msg00004.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870629\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:36:25 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2009-5064\", \"CVE-2011-1089\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:1526-03\");\n script_name(\"RedHat Update for glibc RHSA-2011:1526-03\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"glibc on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system\n cannot function properly.\n\n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n\n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n\n Red Hat would like to thank Dan Rosenberg for reporting the CVE-2011-1089\n issue.\n\n This update also fixes several bugs and adds various enhancements.\n Documentation for these bug fixes and enhancements will be available\n shortly from the Technical Notes document, linked to in the References\n section.\n\n Users are advised to upgrade to these updated glibc packages, which contain\n backported patches to resolve these issues and add these enhancements.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-03T10:57:25", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for glibc FEDORA-2012-11508", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3405", "CVE-2012-3406"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:864623", "href": "http://plugins.openvas.org/nasl.php?oid=864623", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for glibc FEDORA-2012-11508\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"glibc on Fedora 17\";\ntag_insight = \"The glibc package contains standard libraries which are used by\n multiple programs on the system. In order to save disk space and\n memory, as well as to make upgrading easier, common system code is\n kept in one place and shared between programs. This particular package\n contains the most important sets of shared libraries: the standard C\n library and the standard math library. Without these two libraries, a\n Linux system will not function.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085125.html\");\n script_id(864623);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:20:46 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-3405\", \"CVE-2012-3406\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-11508\");\n script_name(\"Fedora Update for glibc FEDORA-2012-11508\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.15~54.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:57:25", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2012:0058-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:870722", "href": "http://plugins.openvas.org/nasl.php?oid=870722", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2012:0058-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n\n A denial of service flaw was found in the remote procedure call (RPC)\n implementation in glibc. A remote attacker able to open a large number of\n connections to an RPC service that is using the RPC implementation from\n glibc, could use this flaw to make that service use an excessive amount of\n CPU time. (CVE-2011-4609)\n\n This update also fixes the following bugs:\n\n * glibc had incorrect information for numeric separators and groupings for\n specific French, Spanish, and German locales. Therefore, applications\n utilizing glibc's locale support printed numbers with the wrong separators\n and groupings when those locales were in use. With this update, the\n separator and grouping information has been fixed. (BZ#754116)\n\n * The RHBA-2011:1179 glibc update introduced a regression, causing glibc to\n incorrectly parse groups with more than 126 members, resulting in\n applications such as &quot;id&quot; failing to list all the groups a particular user\n was a member of. With this update, group parsing has been fixed.\n (BZ#766484)\n\n * glibc incorrectly allocated too much memory due to a race condition\n within its own malloc routines. This could cause a multi-threaded\n application to allocate more memory than was expected. With this update,\n the race condition has been fixed, and malloc's behavior is now consistent\n with the documentation regarding the MALLOC_ARENA_TEST and MALLOC_ARENA_MAX\n environment variables. (BZ#769594)\n\n Users should upgrade to these updated packages, which contain backported\n patches to resolve these issues.\";\n\ntag_affected = \"glibc on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00020.html\");\n script_id(870722);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:53:27 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:0058-01\");\n script_name(\"RedHat Update for glibc RHSA-2012:0058-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2012:0058-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870722", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870722", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2012:0058-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00020.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870722\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:53:27 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:0058-01\");\n script_name(\"RedHat Update for glibc RHSA-2012:0058-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"glibc on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n\n A denial of service flaw was found in the remote procedure call (RPC)\n implementation in glibc. A remote attacker able to open a large number of\n connections to an RPC service that is using the RPC implementation from\n glibc, could use this flaw to make that service use an excessive amount of\n CPU time. (CVE-2011-4609)\n\n This update also fixes the following bugs:\n\n * glibc had incorrect information for numeric separators and groupings for\n specific French, Spanish, and German locales. Therefore, applications\n utilizing glibc's locale support printed numbers with the wrong separators\n and groupings when those locales were in use. With this update, the\n separator and grouping information has been fixed. (BZ#754116)\n\n * The RHBA-2011:1179 glibc update introduced a regression, causing glibc to\n incorrectly parse groups with more than 126 members, resulting in\n applications such as 'id' failing to list all the groups a particular user\n was a member of. With this update, group parsing has been fixed.\n (BZ#766484)\n\n * glibc incorrectly allocated too much memory due to a race condition\n within its own malloc routines. This could cause a multi-threaded\n application to allocate more memory than was expected. With this update,\n the race condition has been fixed, and malloc's behavior is now consistent\n with the documentation regarding the MALLOC_ARENA_TEST and MALLOC_ARENA_MAX\n environment variables. (BZ#769594)\n\n Users should upgrade to these updated packages, which contain backported\n patches to resolve these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.47.el6_2.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-08T12:58:00", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2011:1526-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1089", "CVE-2009-5064"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:870629", "href": "http://plugins.openvas.org/nasl.php?oid=870629", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2011:1526-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system\n cannot function properly.\n\n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n\n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n\n Red Hat would like to thank Dan Rosenberg for reporting the CVE-2011-1089\n issue.\n\n This update also fixes several bugs and adds various enhancements.\n Documentation for these bug fixes and enhancements will be available\n shortly from the Technical Notes document, linked to in the References\n section.\n\n Users are advised to upgrade to these updated glibc packages, which contain\n backported patches to resolve these issues and add these enhancements.\";\n\ntag_affected = \"glibc on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-December/msg00004.html\");\n script_id(870629);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:36:25 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2009-5064\", \"CVE-2011-1089\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:1526-03\");\n script_name(\"RedHat Update for glibc RHSA-2011:1526-03\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.47.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-11T11:06:24", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:0058 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:881117", "href": "http://plugins.openvas.org/nasl.php?oid=881117", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2012:0058 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n \n A denial of service flaw was found in the remote procedure call (RPC)\n implementation in glibc. A remote attacker able to open a large number of\n connections to an RPC service that is using the RPC implementation from\n glibc, could use this flaw to make that service use an excessive amount of\n CPU time. (CVE-2011-4609)\n \n This update also fixes the following bugs:\n \n * glibc had incorrect information for numeric separators and groupings for\n specific French, Spanish, and German locales. Therefore, applications\n utilizing glibc's locale support printed numbers with the wrong separators\n and groupings when those locales were in use. With this update, the\n separator and grouping information has been fixed. (BZ#754116)\n \n * The RHBA-2011:1179 glibc update introduced a regression, causing glibc to\n incorrectly parse groups with more than 126 members, resulting in\n applications such as &quot;id&quot; failing to list all the groups a particular user\n was a member of. With this update, group parsing has been fixed.\n (BZ#766484)\n \n * glibc incorrectly allocated too much memory due to a race condition\n within its own malloc routines. This could cause a multi-threaded\n application to allocate more memory than was expected. With this update,\n the race condition has been fixed, and malloc's behavior is now consistent\n with the documentation regarding the MALLOC_ARENA_TEST and MALLOC_ARENA_MAX\n environment variables. (BZ#769594)\n \n Users should upgrade to these updated packages, which contain backported\n patches to resolve these issues.\";\n\ntag_affected = \"glibc on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-January/018397.html\");\n script_id(881117);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:12:09 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0058\");\n script_name(\"CentOS Update for glibc CESA-2012:0058 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:0058 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881117", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881117", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2012:0058 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-January/018397.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881117\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:12:09 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:0058\");\n script_name(\"CentOS Update for glibc CESA-2012:0058 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"glibc on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n\n A denial of service flaw was found in the remote procedure call (RPC)\n implementation in glibc. A remote attacker able to open a large number of\n connections to an RPC service that is using the RPC implementation from\n glibc, could use this flaw to make that service use an excessive amount of\n CPU time. (CVE-2011-4609)\n\n This update also fixes the following bugs:\n\n * glibc had incorrect information for numeric separators and groupings for\n specific French, Spanish, and German locales. Therefore, applications\n utilizing glibc's locale support printed numbers with the wrong separators\n and groupings when those locales were in use. With this update, the\n separator and grouping information has been fixed. (BZ#754116)\n\n * The RHBA-2011:1179 glibc update introduced a regression, causing glibc to\n incorrectly parse groups with more than 126 members, resulting in\n applications such as 'id' failing to list all the groups a particular user\n was a member of. With this update, group parsing has been fixed.\n (BZ#766484)\n\n * glibc incorrectly allocated too much memory due to a race condition\n within its own malloc routines. This could cause a multi-threaded\n application to allocate more memory than was expected. With this update,\n the race condition has been fixed, and malloc's behavior is now consistent\n with the documentation regarding the MALLOC_ARENA_TEST and MALLOC_ARENA_MAX\n environment variables. (BZ#769594)\n\n Users should upgrade to these updated packages, which contain backported\n patches to resolve these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.47.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:06", "description": "Oracle Linux Local Security Checks ELSA-2012-0058", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0058", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122007", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122007", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0058.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122007\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:11:36 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0058\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0058 - glibc security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0058\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0058.html\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.47.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.47.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.47.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.47.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.47.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.47.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.47.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:18", "description": "Oracle Linux Local Security Checks ELSA-2011-1526", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-1526", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1089", "CVE-2009-5064"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122033", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122033", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-1526.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122033\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:11:58 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-1526\");\n script_tag(name:\"insight\", value:\"ELSA-2011-1526 - glibc security, bug fix, and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-1526\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-1526.html\");\n script_cve_id(\"CVE-2009-5064\", \"CVE-2011-1089\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.47.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.47.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.47.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.47.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.47.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.47.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.47.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T23:03:02", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-39)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120203", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120203", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120203\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:20:03 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-39)\");\n script_tag(name:\"insight\", value:\"An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029 )A denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609 )\");\n script_tag(name:\"solution\", value:\"Run yum update glibc to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-39.html\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.12~1.47.32.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.47.32.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.47.32.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.47.32.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.47.32.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.47.32.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.47.32.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.47.32.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.47.32.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2012:0086 centos4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4576", "CVE-2011-4619"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881239", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881239", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2012:0086 centos4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-February/018412.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881239\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:54:53 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4576\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"CESA\", value:\"2012:0086\");\n script_name(\"CentOS Update for openssl CESA-2012:0086 centos4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n An information leak flaw was found in the SSL 3.0 protocol implementation\n in OpenSSL. Incorrect initialization of SSL record padding bytes could\n cause an SSL client or server to send a limited amount of possibly\n sensitive data to its SSL peer via the encrypted connection.\n (CVE-2011-4576)\n\n It was discovered that OpenSSL did not limit the number of TLS/SSL\n handshake restarts required to support Server Gated Cryptography. A remote\n attacker could use this flaw to make a TLS/SSL server using OpenSSL consume\n an excessive amount of CPU by continuously restarting the handshake.\n (CVE-2011-4619)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the system\n rebooted.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.7a~43.18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.7a~43.18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.7a~43.18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-02T10:58:08", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2012:0086 centos4 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4576", "CVE-2011-4619"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:881239", "href": "http://plugins.openvas.org/nasl.php?oid=881239", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2012:0086 centos4 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n An information leak flaw was found in the SSL 3.0 protocol implementation\n in OpenSSL. Incorrect initialization of SSL record padding bytes could\n cause an SSL client or server to send a limited amount of possibly\n sensitive data to its SSL peer via the encrypted connection.\n (CVE-2011-4576)\n \n It was discovered that OpenSSL did not limit the number of TLS/SSL\n handshake restarts required to support Server Gated Cryptography. A remote\n attacker could use this flaw to make a TLS/SSL server using OpenSSL consume\n an excessive amount of CPU by continuously restarting the handshake.\n (CVE-2011-4619)\n \n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the system\n rebooted.\";\n\ntag_affected = \"openssl on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-February/018412.html\");\n script_id(881239);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:54:53 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4576\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"CESA\", value: \"2012:0086\");\n script_name(\"CentOS Update for openssl CESA-2012:0086 centos4 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.7a~43.18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.7a~43.18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.7a~43.18.el4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-02-03T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2012:0086-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4576", "CVE-2011-4619"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870540", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870540", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2012:0086-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00009.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870540\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-03 11:24:17 +0530 (Fri, 03 Feb 2012)\");\n script_cve_id(\"CVE-2011-4576\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"RHSA\", value:\"2012:0086-01\");\n script_name(\"RedHat Update for openssl RHSA-2012:0086-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_4\");\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n An information leak flaw was found in the SSL 3.0 protocol implementation\n in OpenSSL. Incorrect initialization of SSL record padding bytes could\n cause an SSL client or server to send a limited amount of possibly\n sensitive data to its SSL peer via the encrypted connection.\n (CVE-2011-4576)\n\n It was discovered that OpenSSL did not limit the number of TLS/SSL\n handshake restarts required to support Server Gated Cryptography. A remote\n attacker could use this flaw to make a TLS/SSL server using OpenSSL consume\n an excessive amount of CPU by continuously restarting the handshake.\n (CVE-2011-4619)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the system\n rebooted.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.7a~43.18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.7a~43.18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.7a~43.18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.7a~43.18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:14", "description": "The remote host is missing an update as announced\nvia advisory SSA:2010-340-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2010-340-01 openssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2010-4252"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231068671", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068671", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2010_340_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68671\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2010-4180\", \"CVE-2010-4252\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2010-340-01 openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(11\\.0|12\\.0|12\\.1|12\\.2|13\\.0|13\\.1)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2010-340-01\");\n\n script_tag(name:\"insight\", value:\"New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,\n13.1, and -current to fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2010-340-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8q-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8q-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8q-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8q-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8q-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8q-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8q-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8q-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8q-i486-1_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8q-i486-1_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8q-i486-1_slack13.1\", rls:\"SLK13.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8q-i486-1_slack13.1\", rls:\"SLK13.1\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-11T11:06:52", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2012-02-03T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2012:0086-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4576", "CVE-2011-4619"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:870540", "href": "http://plugins.openvas.org/nasl.php?oid=870540", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2012:0086-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n An information leak flaw was found in the SSL 3.0 protocol implementation\n in OpenSSL. Incorrect initialization of SSL record padding bytes could\n cause an SSL client or server to send a limited amount of possibly\n sensitive data to its SSL peer via the encrypted connection.\n (CVE-2011-4576)\n\n It was discovered that OpenSSL did not limit the number of TLS/SSL\n handshake restarts required to support Server Gated Cryptography. A remote\n attacker could use this flaw to make a TLS/SSL server using OpenSSL consume\n an excessive amount of CPU by continuously restarting the handshake.\n (CVE-2011-4619)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the system\n rebooted.\";\n\ntag_affected = \"openssl on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00009.html\");\n script_id(870540);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-03 11:24:17 +0530 (Fri, 03 Feb 2012)\");\n script_cve_id(\"CVE-2011-4576\", \"CVE-2011-4619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"RHSA\", value: \"2012:0086-01\");\n script_name(\"RedHat Update for openssl RHSA-2012:0086-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.7a~43.18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.7a~43.18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.7a~43.18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.7a~43.18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-02-01T00:00:00", "type": "openvas", "title": "Mandriva Update for openssl MDVSA-2012:011 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2012-0050"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831533", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831533", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssl MDVSA-2012:011 (openssl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:011\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831533\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:37:09 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2012-0050\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:011\");\n script_name(\"Mandriva Update for openssl MDVSA-2012:011 (openssl)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(2011\\.0|mes5\\.2|2010\\.1)\");\n script_tag(name:\"affected\", value:\"openssl on Mandriva Linux 2011.0,\n Mandriva Enterprise Server 5.2,\n Mandriva Linux 2010.1\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A vulnerability has been found and corrected in openssl:\n\n OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications,\n which allows remote attackers to cause a denial of service via\n unspecified vectors. NOTE: this vulnerability exists because of an\n incorrect fix for CVE-2011-4108 (CVE-2012-0050).\n\n The updated packages have been patched to correct this issue.\n\n The openssl0.9.8 packages for 2010.2 have been upgraded to the 0.9.8t\n version which is not vulnerable to this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0\", rpm:\"libopenssl1.0.0~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-engines1.0.0\", rpm:\"libopenssl-engines1.0.0~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-static-devel\", rpm:\"libopenssl-static-devel~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0\", rpm:\"lib64openssl1.0.0~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-devel\", rpm:\"lib64openssl-devel~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-engines1.0.0\", rpm:\"lib64openssl-engines1.0.0~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-static-devel\", rpm:\"lib64openssl-static-devel~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8t~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0\", rpm:\"libopenssl1.0.0~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-devel\", rpm:\"libopenssl1.0.0-devel~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-static-devel\", rpm:\"libopenssl1.0.0-static-devel~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-engines1.0.0\", rpm:\"libopenssl-engines1.0.0~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8t~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0\", rpm:\"lib64openssl1.0.0~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-devel\", rpm:\"lib64openssl1.0.0-devel~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-static-devel\", rpm:\"lib64openssl1.0.0-static-devel~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-engines1.0.0\", rpm:\"lib64openssl-engines1.0.0~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-02T10:58:01", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2012-0708", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2012-0050"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:863945", "href": "http://plugins.openvas.org/nasl.php?oid=863945", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2012-0708\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 16\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072232.html\");\n script_id(863945);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:37:41 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2012-0050\", \"CVE-2011-4108\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-0708\");\n script_name(\"Fedora Update for openssl FEDORA-2012-0708\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0g~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:56:21", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2012-02-01T00:00:00", "type": "openvas", "title": "Mandriva Update for openssl MDVSA-2012:011 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2012-0050"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:831533", "href": "http://plugins.openvas.org/nasl.php?oid=831533", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssl MDVSA-2012:011 (openssl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in openssl:\n\n OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications,\n which allows remote attackers to cause a denial of service via\n unspecified vectors. NOTE: this vulnerability exists because of an\n incorrect fix for CVE-2011-4108 (CVE-2012-0050).\n\n The updated packages have been patched to correct this issue.\n\n The openssl0.9.8 packages for 2010.2 have been upgraded to the 0.9.8t\n version which is not vulnerable to this issue.\";\n\ntag_affected = \"openssl on Mandriva Linux 2011.0,\n Mandriva Enterprise Server 5.2,\n Mandriva Linux 2010.1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:011\");\n script_id(831533);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:37:09 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2012-0050\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2012:011\");\n script_name(\"Mandriva Update for openssl MDVSA-2012:011 (openssl)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0\", rpm:\"libopenssl1.0.0~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-engines1.0.0\", rpm:\"libopenssl-engines1.0.0~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-static-devel\", rpm:\"libopenssl-static-devel~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0\", rpm:\"lib64openssl1.0.0~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-devel\", rpm:\"lib64openssl-devel~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-engines1.0.0\", rpm:\"lib64openssl-engines1.0.0~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-static-devel\", rpm:\"lib64openssl-static-devel~1.0.0d~2.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8h~3.13mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8t~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0\", rpm:\"libopenssl1.0.0~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-devel\", rpm:\"libopenssl1.0.0-devel~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-static-devel\", rpm:\"libopenssl1.0.0-static-devel~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-engines1.0.0\", rpm:\"libopenssl-engines1.0.0~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8t~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0\", rpm:\"lib64openssl1.0.0~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-devel\", rpm:\"lib64openssl1.0.0-devel~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-static-devel\", rpm:\"lib64openssl1.0.0-static-devel~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-engines1.0.0\", rpm:\"lib64openssl-engines1.0.0~1.0.0a~1.10mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2012-0708", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2012-0050"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863945", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863945", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2012-0708\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072232.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863945\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:37:41 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2012-0050\", \"CVE-2011-4108\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-0708\");\n script_name(\"Fedora Update for openssl FEDORA-2012-0708\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0g~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2023-12-08T15:34:02", "description": "a. vCenter Server Appliance directory traversal\n\n The vCenter Server Appliance (vCSA) contains a directory traversal vulnerability that allows an authenticated remote user to retrieve arbitrary files. Exploitation of this issue may expose sensitive information stored on the server. \n\n VMware would like to thank Alexander Minozhenko from ERPScan for reporting this issue to us.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-6324 to this issue.\n\n b. vCenter Server Appliance arbitrary file download\n\n The vCenter Server Appliance (vCSA) contains an XML parsing vulnerability that allows an authenticated remote user to retrieve arbitrary files. Exploitation of this issue may expose sensitive information stored on the server.\n\n VMware would like to thank Alexander Minozhenko from ERPScan for reporting this issue to us.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-6325 to this issue.\n\n c. Update to ESX glibc package\n\n The ESX glibc package is updated to version glibc-2.5-81.el5_8.1 to resolve multiple security issues.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-5029, CVE-2009-5064, CVE-2010-0830, CVE-2011-1089, CVE-2011-4609, CVE-2012-0864 CVE-2012-3404, CVE-2012-3405, CVE-2012-3406 and CVE-2012-3480 to these issues.\n\n d. vCenter Server and vCSA webservice logging denial of service\n\n The vCenter Server and vCenter Server Appliance (vCSA) both contain a vulnerability that allows unauthenticated remote users to create abnormally large log entries. Exploitation of this issue may allow an attacker to fill the system volume of the vCenter host or appliance VM and create a denial-of-service condition. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-6326 to this issue.", "cvss3": {}, "published": "2012-12-24T00:00:00", "type": "nessus", "title": "VMSA-2012-0018 : VMware security updates for vCSA and ESXi", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0830", "CVE-2011-1089", "CVE-2011-4609", "CVE-2012-0864", "CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406", "CVE-2012-3480", "CVE-2012-6324", "CVE-2012-6325", "CVE-2012-6326"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esxi:5.0", "cpe:/o:vmware:esxi:5.1"], "id": "VMWARE_VMSA-2012-0018.NASL", "href": "https://www.tenable.com/plugins/nessus/63332", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2012-0018. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63332);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\", \"CVE-2011-4609\", \"CVE-2012-0864\", \"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\", \"CVE-2012-3480\", \"CVE-2012-6324\", \"CVE-2012-6325\", \"CVE-2012-6326\");\n script_bugtraq_id(40063, 46740, 50898, 51439, 52201, 54374, 54982, 57021, 57022, 58139);\n script_xref(name:\"VMSA\", value:\"2012-0018\");\n\n script_name(english:\"VMSA-2012-0018 : VMware security updates for vCSA and ESXi\");\n script_summary(english:\"Checks esxupdate output for the patches\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote VMware ESXi host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"a. vCenter Server Appliance directory traversal\n\n The vCenter Server Appliance (vCSA) contains a directory\n traversal vulnerability that allows an authenticated \n remote user to retrieve arbitrary files. Exploitation of\n this issue may expose sensitive information stored on the \n server. \n\n VMware would like to thank Alexander Minozhenko from ERPScan for\n reporting this issue to us.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2012-6324 to this issue.\n\n b. vCenter Server Appliance arbitrary file download\n\n The vCenter Server Appliance (vCSA) contains an XML parsing \n vulnerability that allows an authenticated remote user to\n retrieve arbitrary files. Exploitation of this issue may\n expose sensitive information stored on the server.\n\n VMware would like to thank Alexander Minozhenko from ERPScan for\n reporting this issue to us.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2012-6325 to this issue.\n\n c. Update to ESX glibc package\n\n The ESX glibc package is updated to version glibc-2.5-81.el5_8.1\n to resolve multiple security issues.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-5029, CVE-2009-5064,\n CVE-2010-0830, CVE-2011-1089, CVE-2011-4609, CVE-2012-0864\n CVE-2012-3404, CVE-2012-3405, CVE-2012-3406 and CVE-2012-3480\n to these issues.\n\n d. vCenter Server and vCSA webservice logging denial of service\n\n The vCenter Server and vCenter Server Appliance (vCSA) both\n contain a vulnerability that allows unauthenticated remote \n users to create abnormally large log entries. Exploitation\n of this issue may allow an attacker to fill the system volume\n of the vCenter host or appliance VM and create a \n denial-of-service condition. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2012-6326 to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2013/000212.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patches.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:5.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/release\", \"Host/VMware/version\");\n script_require_ports(\"Host/VMware/esxupdate\", \"Host/VMware/esxcli_software_vibs\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"vmware_esx_packages.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/VMware/release\")) audit(AUDIT_OS_NOT, \"VMware ESX / ESXi\");\nif (\n !get_kb_item(\"Host/VMware/esxcli_software_vibs\") &&\n !get_kb_item(\"Host/VMware/esxupdate\")\n) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ninit_esx_check(date:\"2012-12-20\");\nflag = 0;\n\n\nif (esx_check(ver:\"ESXi 5.0\", vib:\"VMware:esx-base:5.0.0-1.25.912577\")) flag++;\nif (esx_check(ver:\"ESXi 5.0\", vib:\"VMware:tools-light:5.0.0-1.25.912577\")) flag++;\n\nif (esx_check(ver:\"ESXi 5.1\", vib:\"VMware:esx-base:5.1.0-0.11.1063671\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:28:58", "description": "The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nUsers should upgrade to these updated packages, which resolve these issues.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : glibc on SL5.x i386/x86_64 (20120213)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0830", "CVE-2011-1089", "CVE-2011-4609"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:glibc", "p-cpe:/a:fermilab:scientific_linux:glibc-common", "p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo", "p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo-common", "p-cpe:/a:fermilab:scientific_linux:glibc-devel", "p-cpe:/a:fermilab:scientific_linux:glibc-headers", "p-cpe:/a:fermilab:scientific_linux:glibc-utils", "p-cpe:/a:fermilab:scientific_linux:nscd", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120213_GLIBC_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61244", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61244);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\", \"CVE-2011-4609\");\n\n script_name(english:\"Scientific Linux Security Update : glibc on SL5.x i386/x86_64 (20120213)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system\ncannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked\nagainst glibc, it could cause the application to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically\nlinked libraries. If an attacker could trick a user into running ldd\non a malicious binary, it could result in arbitrary code execution\nwith the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library loaded ELF (Executable and Linking\nFormat) files. If a carefully-crafted ELF file was loaded by an\napplication linked against glibc, it could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various\nmount helper utilities, did not handle certain errors correctly when\nupdating the mtab (mounted file systems table) file. If such utilities\nhad the setuid bit set, a local attacker could use this flaw to\ncorrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number\nof connections to an RPC service that is using the RPC implementation\nfrom glibc, could use this flaw to make that service use an excessive\namount of CPU time. (CVE-2011-4609)\n\nUsers should upgrade to these updated packages, which resolve these\nissues.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1202&L=scientific-linux-errata&T=0&P=2446\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b70164f6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"glibc-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"glibc-debuginfo-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"glibc-debuginfo-common-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"glibc-devel-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:22:47", "description": "Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu Security Team acknowledges Dan Rosenberg as the original reporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these issues.", "cvss3": {}, "published": "2012-02-14T00:00:00", "type": "nessus", "title": "RHEL 5 : glibc (RHSA-2012:0126)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0830", "CVE-2011-1089", "CVE-2011-4609"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:glibc", "p-cpe:/a:redhat:enterprise_linux:glibc-common", "p-cpe:/a:redhat:enterprise_linux:glibc-devel", "p-cpe:/a:redhat:enterprise_linux:glibc-headers", "p-cpe:/a:redhat:enterprise_linux:glibc-utils", "p-cpe:/a:redhat:enterprise_linux:nscd", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2012-0126.NASL", "href": "https://www.tenable.com/plugins/nessus/57929", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0126. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57929);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\", \"CVE-2011-4609\");\n script_bugtraq_id(40063, 46740, 50898, 51439);\n script_xref(name:\"RHSA\", value:\"2012:0126\");\n\n script_name(english:\"RHEL 5 : glibc (RHSA-2012:0126)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated glibc packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system\ncannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked\nagainst glibc, it could cause the application to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically\nlinked libraries. If an attacker could trick a user into running ldd\non a malicious binary, it could result in arbitrary code execution\nwith the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library loaded ELF (Executable and Linking\nFormat) files. If a carefully-crafted ELF file was loaded by an\napplication linked against glibc, it could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various\nmount helper utilities, did not handle certain errors correctly when\nupdating the mtab (mounted file systems table) file. If such utilities\nhad the setuid bit set, a local attacker could use this flaw to\ncorrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number\nof connections to an RPC service that is using the RPC implementation\nfrom glibc, could use this flaw to make that service use an excessive\namount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting\nCVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The\nUbuntu Security Team acknowledges Dan Rosenberg as the original\nreporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1089\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-5064\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-5029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-0830\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0126\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"glibc-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"glibc-devel-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-devel / glibc-headers / glibc-utils / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:22:46", "description": "Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu Security Team acknowledges Dan Rosenberg as the original reporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these issues.", "cvss3": {}, "published": "2012-02-14T00:00:00", "type": "nessus", "title": "CentOS 5 : glibc (CESA-2012:0126)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0830", "CVE-2011-1089", "CVE-2011-4609"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:glibc", "p-cpe:/a:centos:centos:glibc-common", "p-cpe:/a:centos:centos:glibc-devel", "p-cpe:/a:centos:centos:glibc-headers", "p-cpe:/a:centos:centos:glibc-utils", "p-cpe:/a:centos:centos:nscd", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-0126.NASL", "href": "https://www.tenable.com/plugins/nessus/57924", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0126 and \n# CentOS Errata and Security Advisory 2012:0126 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57924);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\", \"CVE-2011-4609\");\n script_bugtraq_id(40063, 46740, 50898, 51439);\n script_xref(name:\"RHSA\", value:\"2012:0126\");\n\n script_name(english:\"CentOS 5 : glibc (CESA-2012:0126)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated glibc packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system\ncannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked\nagainst glibc, it could cause the application to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically\nlinked libraries. If an attacker could trick a user into running ldd\non a malicious binary, it could result in arbitrary code execution\nwith the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library loaded ELF (Executable and Linking\nFormat) files. If a carefully-crafted ELF file was loaded by an\napplication linked against glibc, it could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various\nmount helper utilities, did not handle certain errors correctly when\nupdating the mtab (mounted file systems table) file. If such utilities\nhad the setuid bit set, a local attacker could use this flaw to\ncorrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number\nof connections to an RPC service that is using the RPC implementation\nfrom glibc, could use this flaw to make that service use an excessive\namount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting\nCVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The\nUbuntu Security Team acknowledges Dan Rosenberg as the original\nreporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these\nissues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-February/018428.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e48699c2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected glibc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2009-5064\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"glibc-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"glibc-devel-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-devel / glibc-headers / glibc-utils / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:22:06", "description": "Various security vulnerabilities have been fixed in OpenSSL :\n\n - DTLS plaintext recovery attack. (CVE-2011-4108)\n\n - double-free in Policy Checks. (CVE-2011-4109)\n\n - uninitialized SSL 3.0 padding. (CVE-2011-4576)\n\n - malformed RFC 3779 data can cause assertion failures.\n (CVE-2011-4577)\n\n - SGC restart DoS attack (CVE-2011-4619)", "cvss3": {}, "published": "2012-01-17T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : OpenSSL (SAT Patch Number 5635)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8", "p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-32bit", "p-cpe:/a:novell:suse_linux:11:openssl", "p-cpe:/a:novell:suse_linux:11:openssl-doc", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_LIBOPENSSL-DEVEL-120111.NASL", "href": "https://www.tenable.com/plugins/nessus/57569", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57569);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n\n script_name(english:\"SuSE 11.1 Security Update : OpenSSL (SAT Patch Number 5635)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various security vulnerabilities have been fixed in OpenSSL :\n\n - DTLS plaintext recovery attack. (CVE-2011-4108)\n\n - double-free in Policy Checks. (CVE-2011-4109)\n\n - uninitialized SSL 3.0 padding. (CVE-2011-4576)\n\n - malformed RFC 3779 data can cause assertion failures.\n (CVE-2011-4577)\n\n - SGC restart DoS attack (CVE-2011-4619)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=739719\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4108.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4109.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4576.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4577.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4619.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5635.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"libopenssl0_9_8-0.9.8j-0.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"openssl-0.9.8j-0.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libopenssl0_9_8-0.9.8j-0.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"openssl-0.9.8j-0.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"libopenssl0_9_8-0.9.8j-0.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"openssl-0.9.8j-0.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"openssl-doc-0.9.8j-0.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.26.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:21:52", "description": "Various security vulnerabilities have been fixed in OpenSSL :\n\n - DTLS plaintext recovery attack. (CVE-2011-4108)\n\n - double-free in Policy Checks. (CVE-2011-4109)\n\n - uninitialized SSL 3.0 padding. (CVE-2011-4576)\n\n - malformed RFC 3779 data can cause assertion failures.\n (CVE-2011-4577)\n\n - SGC restart DoS attack (CVE-2011-4619)", "cvss3": {}, "published": "2012-01-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 7923)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_OPENSSL-7923.NASL", "href": "https://www.tenable.com/plugins/nessus/57570", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57570);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n\n script_name(english:\"SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 7923)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various security vulnerabilities have been fixed in OpenSSL :\n\n - DTLS plaintext recovery attack. (CVE-2011-4108)\n\n - double-free in Policy Checks. (CVE-2011-4109)\n\n - uninitialized SSL 3.0 padding. (CVE-2011-4576)\n\n - malformed RFC 3779 data can cause assertion failures.\n (CVE-2011-4577)\n\n - SGC restart DoS attack (CVE-2011-4619)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4108.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4109.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4576.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4577.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4619.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7923.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"openssl-0.9.8a-18.56.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"openssl-devel-0.9.8a-18.56.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"openssl-32bit-0.9.8a-18.56.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"openssl-devel-32bit-0.9.8a-18.56.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"openssl-0.9.8a-18.56.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"openssl-devel-0.9.8a-18.56.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"openssl-doc-0.9.8a-18.56.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"openssl-32bit-0.9.8a-18.56.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"openssl-devel-32bit-0.9.8a-18.56.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:17:15", "description": "From Red Hat Security Advisory 2012:0126 :\n\nUpdated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu Security Team acknowledges Dan Rosenberg as the original reporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : glibc (ELSA-2012-0126)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0830", "CVE-2011-1089", "CVE-2011-4609"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:glibc", "p-cpe:/a:oracle:linux:glibc-common", "p-cpe:/a:oracle:linux:glibc-devel", "p-cpe:/a:oracle:linux:glibc-headers", "p-cpe:/a:oracle:linux:glibc-utils", "p-cpe:/a:oracle:linux:nscd", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-0126.NASL", "href": "https://www.tenable.com/plugins/nessus/68456", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0126 and \n# Oracle Linux Security Advisory ELSA-2012-0126 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68456);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\", \"CVE-2011-4609\");\n script_bugtraq_id(40063, 46740, 50898, 51439);\n script_xref(name:\"RHSA\", value:\"2012:0126\");\n\n script_name(english:\"Oracle Linux 5 : glibc (ELSA-2012-0126)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0126 :\n\nUpdated glibc packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system\ncannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked\nagainst glibc, it could cause the application to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically\nlinked libraries. If an attacker could trick a user into running ldd\non a malicious binary, it could result in arbitrary code execution\nwith the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library loaded ELF (Executable and Linking\nFormat) files. If a carefully-crafted ELF file was loaded by an\napplication linked against glibc, it could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various\nmount helper utilities, did not handle certain errors correctly when\nupdating the mtab (mounted file systems table) file. If such utilities\nhad the setuid bit set, a local attacker could use this flaw to\ncorrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number\nof connections to an RPC service that is using the RPC implementation\nfrom glibc, could use this flaw to make that service use an excessive\namount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting\nCVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The\nUbuntu Security Team acknowledges Dan Rosenberg as the original\nreporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-February/002608.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected glibc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"glibc-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"glibc-devel-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-devel / glibc-headers / glibc-utils / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T17:12:06", "description": "The version of OpenSSL running on the remote host is affected by the following vulnerabilities :\n\n - The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. (CVE-2011-4108)\n\n - Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. (CVE-2011-4109)\n\n - The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.\n (CVE-2011-4576)\n\n - The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service via unspecified vectors. (CVE-2011-4619)\n\n - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. (CVE-2012-0050)", "cvss3": {}, "published": "2014-04-16T00:00:00", "type": "nessus", "title": "AIX OpenSSL Advisory : openssl_advisory3.asc", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4619", "CVE-2012-0050"], "modified": "2023-04-21T00:00:00", "cpe": ["cpe:/o:ibm:aix"], "id": "AIX_OPENSSL_ADVISORY3.NASL", "href": "https://www.tenable.com/plugins/nessus/73561", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory openssl_advisory3.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73561);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/21\");\n\n script_cve_id(\n \"CVE-2011-4108\",\n \"CVE-2011-4109\",\n \"CVE-2011-4576\",\n \"CVE-2011-4619\",\n \"CVE-2012-0050\"\n );\n script_bugtraq_id(51281, 51563);\n script_xref(name:\"CERT\", value:\"737740\");\n\n script_name(english:\"AIX OpenSSL Advisory : openssl_advisory3.asc\");\n script_summary(english:\"Checks the version of the openssl packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote AIX host is running a vulnerable version of OpenSSL.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of OpenSSL running on the remote host is affected by the\nfollowing vulnerabilities :\n\n - The DTLS implementation in OpenSSL before 0.9.8s and 1.x\n before 1.0.0f performs a MAC check only if certain\n padding is valid, which makes it easier for remote\n attackers to recover plaintext via a padding oracle\n attack. (CVE-2011-4108)\n\n - Double free vulnerability in OpenSSL 0.9.8 before\n 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows\n remote attackers to have an unspecified impact by\n triggering failure of a policy check. (CVE-2011-4109)\n\n - The SSL 3.0 implementation in OpenSSL before 0.9.8s and\n 1.x before 1.0.0f does not properly initialize data\n structures for block cipher padding, which might allow\n remote attackers to obtain sensitive information by\n decrypting the padding data sent by an SSL peer.\n (CVE-2011-4576)\n\n - The Server Gated Cryptography (SGC) implementation in\n OpenSSL before 0.9.8s and 1.x before 1.0.0f does not\n properly handle handshake restarts, which allows remote\n attackers to cause a denial of service via unspecified\n vectors. (CVE-2011-4619)\n\n - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS\n applications, which allows remote attackers to cause a\n denial of service via unspecified vectors. NOTE: this\n vulnerability exists because of an incorrect fix for\n CVE-2011-4108. (CVE-2012-0050)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp\");\n script_set_attribute(attribute:\"solution\", value:\n\"A fix is available, and it can be downloaded from the AIX website.\n\nTo extract the fixes from the tar file :\n\n zcat openssl.0.9.8.1801.tar.Z | tar xvf -\n or\n zcat openssl-fips.12.9.8.1801.tar.Z | tar xvf -\n or\n zcat openssl.0.9.8.809.tar.Z | tar xvf -\n\nIMPORTANT : If possible, it is recommended that a mksysb backup of\nthe system be created. Verify it is both bootable and readable\nbefore proceeding.\n\nTo preview the fix installation :\n\n installp -apYd . openssl\n\nTo install the fix package :\n\n installp -aXYd . openssl\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/16\");\n\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2023 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\ninclude(\"aix.inc\");\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\noslevel = get_kb_item_or_exit(\"Host/AIX/version\");\nif ( oslevel != \"AIX-5.2\" && oslevel != \"AIX-5.3\" && oslevel != \"AIX-6.1\" && oslevel != \"AIX-7.1\" )\n{\n oslevel = ereg_replace(string:oslevel, pattern:\"-\", replace:\" \");\n audit(AUDIT_OS_NOT, \"AIX 5.2 / 5.3 / 6.1 / 7.1\", oslevel);\n}\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\n\nif (aix_check_package(release:\"5.2\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.808\", fixpackagever:\"0.9.8.809\") > 0) flag++;\nif (aix_check_package(release:\"5.3\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.1800\", fixpackagever:\"0.9.8.1801\") > 0) flag++;\nif (aix_check_package(release:\"6.1\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.1800\", fixpackagever:\"0.9.8.1801\") > 0) flag++;\nif (aix_check_package(release:\"7.1\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.1800\", fixpackagever:\"0.9.8.1801\") > 0) flag++;\nif (aix_check_package(release:\"5.3\", package:\"openssl-fips.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"12.9.8.1800\", fixpackagever:\"12.9.8.1801\") > 0) flag++;\nif (aix_check_package(release:\"6.1\", package:\"openssl-fips.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"12.9.8.1800\", fixpackagever:\"12.9.8.1801\") > 0) flag++;\nif (aix_check_package(release:\"7.1\", package:\"openssl-fips.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"12.9.8.1800\", fixpackagever:\"12.9.8.1801\") > 0) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : aix_report_get()\n );\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl.base / openssl-fips.base\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:38:08", "description": "The remote host is affected by the vulnerability described in GLSA-201203-12 (OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been found in OpenSSL:\n Timing differences for decryption are exposed by CBC mode encryption in OpenSSL&rsquo;s implementation of DTLS (CVE-2011-4108).\n A policy check failure can result in a double-free error when X509_V_FLAG_POLICY_CHECK is set (CVE-2011-4109).\n Clients and servers using SSL 3.0 handshakes do not clear the block cipher padding, allowing a record to contain up to 15 bytes of uninitialized memory, which could include sensitive information (CVE-2011-4576).\n Assertion errors can occur during the handling of malformed X.509 certificates when OpenSSL is built with RFC 3779 support (CVE-2011-4577).\n A resource management error can occur when OpenSSL&rsquo;s server gated cryptography (SGC) does not properly handle handshake restarts (CVE-2011-4619).\n Invalid parameters in the GOST block cipher are not properly handled by the GOST ENGINE(CVE-2012-0027).\n An incorrect fix for CVE-2011-4108 creates an unspecified vulnerability for DTLS applications using OpenSSL (CVE-2012-0050).\n Impact :\n\n A remote attacker may be able to cause a Denial of Service or obtain sensitive information, including plaintext passwords.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2012-03-06T00:00:00", "type": "nessus", "title": "GLSA-201203-12 : OpenSSL: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027", "CVE-2012-0050"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:openssl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201203-12.NASL", "href": "https://www.tenable.com/plugins/nessus/58222", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201203-12.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58222);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0027\", \"CVE-2012-0050\");\n script_bugtraq_id(51281, 51563);\n script_xref(name:\"GLSA\", value:\"201203-12\");\n\n script_name(english:\"GLSA-201203-12 : OpenSSL: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201203-12\n(OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been found in OpenSSL:\n Timing differences for decryption are exposed by CBC mode encryption\n in OpenSSL&rsquo;s implementation of DTLS (CVE-2011-4108).\n A policy check failure can result in a double-free error when\n X509_V_FLAG_POLICY_CHECK is set (CVE-2011-4109).\n Clients and servers using SSL 3.0 handshakes do not clear the block\n cipher padding, allowing a record to contain up to 15 bytes of\n uninitialized memory, which could include sensitive information\n (CVE-2011-4576).\n Assertion errors can occur during the handling of malformed X.509\n certificates when OpenSSL is built with RFC 3779 support\n (CVE-2011-4577).\n A resource management error can occur when OpenSSL&rsquo;s server gated\n cryptography (SGC) does not properly handle handshake restarts\n (CVE-2011-4619).\n Invalid parameters in the GOST block cipher are not properly handled\n by the GOST ENGINE(CVE-2012-0027).\n An incorrect fix for CVE-2011-4108 creates an unspecified\n vulnerability for DTLS applications using OpenSSL (CVE-2012-0050).\n \nImpact :\n\n A remote attacker may be able to cause a Denial of Service or obtain\n sensitive information, including plaintext passwords.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201203-12\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All OpenSSL users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-1.0.0g'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/openssl\", unaffected:make_list(\"ge 1.0.0g\", \"rge 0.9.8t\", \"rge 0.9.8u\", \"rge 0.9.8v\", \"rge 0.9.8w\", \"rge 0.9.8x\", \"rge 0.9.8y\", \"rge 0.9.8z_p1\", \"rge 0.9.8z_p2\", \"rge 0.9.8z_p3\", \"rge 0.9.8z_p4\", \"rge 0.9.8z_p5\", \"rge 0.9.8z_p6\", \"rge 0.9.8z_p7\", \"rge 0.9.8z_p8\", \"rge 0.9.8z_p9\", \"rge 0.9.8z_p10\", \"rge 0.9.8z_p11\", \"rge 0.9.8z_p12\", \"rge 0.9.8z_p13\", \"rge 0.9.8z_p14\", \"rge 0.9.8z_p15\"), vulnerable:make_list(\"lt 1.0.0g\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenSSL\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:29:05", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. (CVE-2011-4108)\n\n - Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. (CVE-2011-4109)\n\n - The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.\n (CVE-2011-4576)\n\n - OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers. (CVE-2011-4577)\n\n - The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. (CVE-2011-4619)\n\n - The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client. (CVE-2012-0027)\n\n - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. (CVE-2012-0050)", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : openssl (cve_2012_0050_denial_of)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027", "CVE-2012-0050"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.0", "p-cpe:/a:oracle:solaris:openssl"], "id": "SOLARIS11_OPENSSL_20120404.NASL", "href": "https://www.tenable.com/plugins/nessus/80715", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80715);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0027\", \"CVE-2012-0050\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : openssl (cve_2012_0050_denial_of)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The DTLS implementation in OpenSSL before 0.9.8s and 1.x\n before 1.0.0f performs a MAC check only if certain\n padding is valid, which makes it easier for remote\n attackers to recover plaintext via a padding oracle\n attack. (CVE-2011-4108)\n\n - Double free vulnerability in OpenSSL 0.9.8 before\n 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows\n remote attackers to have an unspecified impact by\n triggering failure of a policy check. (CVE-2011-4109)\n\n - The SSL 3.0 implementation in OpenSSL before 0.9.8s and\n 1.x before 1.0.0f does not properly initialize data\n structures for block cipher padding, which might allow\n remote attackers to obtain sensitive information by\n decrypting the padding data sent by an SSL peer.\n (CVE-2011-4576)\n\n - OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC\n 3779 support is enabled, allows remote attackers to\n cause a denial of service (assertion failure) via an\n X.509 certificate containing certificate-extension data\n associated with (1) IP address blocks or (2) Autonomous\n System (AS) identifiers. (CVE-2011-4577)\n\n - The Server Gated Cryptography (SGC) implementation in\n OpenSSL before 0.9.8s and 1.x before 1.0.0f does not\n properly handle handshake restarts, which allows remote\n attackers to cause a denial of service (CPU consumption)\n via unspecified vectors. (CVE-2011-4619)\n\n - The GOST ENGINE in OpenSSL before 1.0.0f does not\n properly handle invalid parameters for the GOST block\n cipher, which allows remote attackers to cause a denial\n of service (daemon crash) via crafted data from a TLS\n client. (CVE-2012-0027)\n\n - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS\n applications, which allows remote attackers to cause a\n denial of service (crash) via unspecified vectors\n related to an out-of-bounds read. NOTE: this\n vulnerability exists because of an incorrect fix for\n CVE-2011-4108. (CVE-2012-0050)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.oracle.com/sunsecurity/cve-2012-0050-denial-of-service-dos-vulnerability-in-openssl\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-openssl\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ecff53d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11/11 SRU 4a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:openssl\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^openssl$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.0.4.0.6.0\", sru:\"SRU 4a\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : openssl\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_hole(port:0, extra:error_extra);\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"openssl\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T17:24:40", "description": "An updated rhev-hypervisor6 package that fixes multiple security issues and various bugs is now available.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions.\n\nA heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host. (CVE-2012-0029)\n\nAn information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. (CVE-2011-4576)\n\nA denial of service flaw was found in the RFC 3779 implementation in OpenSSL. A remote attacker could use this flaw to make an application using OpenSSL exit unexpectedly by providing a specially crafted X.509 certificate that has malformed RFC 3779 extension data.\n(CVE-2011-4577)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619)\n\nRed Hat would like to thank Nicolae Mogoreanu for reporting CVE-2012-0029.\n\nThis updated package provides updated components that include fixes for various security issues. These issues have no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fixes included in this update address the following CVE numbers :\n\nCVE-2009-5029 and CVE-2011-4609 (glibc issues)\n\nCVE-2012-0056 (kernel issue)\n\nCVE-2011-4108 and CVE-2012-0050 (openssl issues)\n\nThis update also fixes the following bugs :\n\n* Previously, it was possible to begin a Hypervisor installation without any valid disks to install to.\n\nNow, if no valid disks are found for Hypervisor installation, a message is displayed informing the user that there are no valid disks for installation. (BZ#781471)\n\n* Previously, the user interface for the Hypervisor did not indicate whether the system was registered with Red Hat Network (RHN) Classic or RHN Satellite. As a result, customers could not easily determine the registration status of their Hypervisor installations.\n\nThe TUI has been updated to display the registration status of the Hypervisor. (BZ#788223)\n\n* Previously, autoinstall would fail if the firstboot or reinstall options were passed but local_boot or upgrade were not passed. Now, neither the local_boot or upgrade parameters are required for autoinstall. (BZ#788225)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which fixes these issues.", "cvss3": {}, "published": "2014-11-17T00:00:00", "type": "nessus", "title": "RHEL 6 : rhev-hypervisor6 (RHSA-2012:0109)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-5029", "CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4609", "CVE-2011-4619", "CVE-2012-0029", "CVE-2012-0050", "CVE-2012-0056"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6", "p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6-tools", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2012-0109.NASL", "href": "https://www.tenable.com/plugins/nessus/79282", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0109. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79282);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0029\");\n script_bugtraq_id(51281, 51642);\n script_xref(name:\"RHSA\", value:\"2012:0109\");\n\n script_name(english:\"RHEL 6 : rhev-hypervisor6 (RHSA-2012:0109)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated rhev-hypervisor6 package that fixes multiple security\nissues and various bugs is now available.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe rhev-hypervisor6 package provides a Red Hat Enterprise\nVirtualization Hypervisor ISO disk image. The Red Hat Enterprise\nVirtualization Hypervisor is a dedicated Kernel-based Virtual Machine\n(KVM) hypervisor. It includes everything necessary to run and manage\nvirtual machines: A subset of the Red Hat Enterprise Linux operating\nenvironment and the Red Hat Enterprise Virtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available\nfor the Intel 64 and AMD64 architectures with virtualization\nextensions.\n\nA heap overflow flaw was found in the way QEMU-KVM emulated the e1000\nnetwork interface card. A privileged guest user in a virtual machine\nwhose network interface is configured to use the e1000 emulated driver\ncould use this flaw to crash the host or, possibly, escalate their\nprivileges on the host. (CVE-2012-0029)\n\nAn information leak flaw was found in the SSL 3.0 protocol\nimplementation in OpenSSL. Incorrect initialization of SSL record\npadding bytes could cause an SSL client or server to send a limited\namount of possibly sensitive data to its SSL peer via the encrypted\nconnection. (CVE-2011-4576)\n\nA denial of service flaw was found in the RFC 3779 implementation in\nOpenSSL. A remote attacker could use this flaw to make an application\nusing OpenSSL exit unexpectedly by providing a specially crafted X.509\ncertificate that has malformed RFC 3779 extension data.\n(CVE-2011-4577)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL\nhandshake restarts required to support Server Gated Cryptography. A\nremote attacker could use this flaw to make a TLS/SSL server using\nOpenSSL consume an excessive amount of CPU by continuously restarting\nthe handshake. (CVE-2011-4619)\n\nRed Hat would like to thank Nicolae Mogoreanu for reporting\nCVE-2012-0029.\n\nThis updated package provides updated components that include fixes\nfor various security issues. These issues have no security impact on\nRed Hat Enterprise Virtualization Hypervisor itself, however. The\nsecurity fixes included in this update address the following CVE\nnumbers :\n\nCVE-2009-5029 and CVE-2011-4609 (glibc issues)\n\nCVE-2012-0056 (kernel issue)\n\nCVE-2011-4108 and CVE-2012-0050 (openssl issues)\n\nThis update also fixes the following bugs :\n\n* Previously, it was possible to begin a Hypervisor installation\nwithout any valid disks to install to.\n\nNow, if no valid disks are found for Hypervisor installation, a\nmessage is displayed informing the user that there are no valid disks\nfor installation. (BZ#781471)\n\n* Previously, the user interface for the Hypervisor did not indicate\nwhether the system was registered with Red Hat Network (RHN) Classic\nor RHN Satellite. As a result, customers could not easily determine\nthe registration status of their Hypervisor installations.\n\nThe TUI has been updated to display the registration status of the\nHypervisor. (BZ#788223)\n\n* Previously, autoinstall would fail if the firstboot or reinstall\noptions were passed but local_boot or upgrade were not passed. Now,\nneither the local_boot or upgrade parameters are required for\nautoinstall. (BZ#788225)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised\nto upgrade to this updated package, which fixes these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4576\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4577\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4619\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0029\"\n );\n # http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Virtualization/3.0/html/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?44b2ccfe\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0109\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected rhev-hypervisor6 and / or rhev-hypervisor6-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0109\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"rhev-hypervisor6-6.2-20120209.0.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rhev-hypervisor6-tools-6.2-20120209.0.el6_2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rhev-hypervisor6 / rhev-hypervisor6-tools\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:34:07", "description": "USN-1589-1 fixed vulnerabilities in the GNU C Library. One of the updates exposed a regression in the floating point parser. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nIt was discovered that positional arguments to the printf() family of functions were not handled properly in the GNU C Library. An attacker could possibly use this to cause a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code.\n(CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)\n\nIt was discovered that multiple integer overflows existed in the strtod(), strtof() and strtold() functions in the GNU C Library. An attacker could possibly use this to trigger a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code. (CVE-2012-3480).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-12-18T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS : glibc regression (USN-1589-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406", "CVE-2012-3480"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libc6", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1589-2.NASL", "href": "https://www.tenable.com/plugins/nessus/63285", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1589-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63285);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\", \"CVE-2012-3480\");\n script_bugtraq_id(54982);\n script_xref(name:\"USN\", value:\"1589-2\");\n\n script_name(english:\"Ubuntu 8.04 LTS : glibc regression (USN-1589-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-1589-1 fixed vulnerabilities in the GNU C Library. One of the\nupdates exposed a regression in the floating point parser. This update\nfixes the problem.\n\nWe apologize for the inconvenience.\n\nIt was discovered that positional arguments to the printf() family of\nfunctions were not handled properly in the GNU C Library. An attacker\ncould possibly use this to cause a stack-based buffer overflow,\ncreating a denial of service or possibly execute arbitrary code.\n(CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)\n\nIt was discovered that multiple integer overflows existed in\nthe strtod(), strtof() and strtold() functions in the GNU C\nLibrary. An attacker could possibly use this to trigger a\nstack-based buffer overflow, creating a denial of service or\npossibly execute arbitrary code. (CVE-2012-3480).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1589-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected libc6 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libc6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libc6\", pkgver:\"2.7-10ubuntu8.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libc6\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:05:30", "description": "This collective update for the GNU C library (glibc) provides the following fixes :\n\n - Fix strtod integer/buffer overflows. (bnc#775690, CVE-2012-3480)\n\n - Fix vfprintf handling of many format specifiers.\n (bnc#770891, CVE-2012-3404 / CVE-2012-3405 / CVE-2012-3406)\n\n - Fix pthread_cond_timedwait stack unwinding. (bnc#750741, bnc#777233)\n\n - Improve fix for dynamic library unloading. (bnc#783060)\n\n - Fix resolver when first query fails, but second one succeeds. (bnc#767266)", "cvss3": {}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11.2 Security Update : glibc (SAT Patch Number 7110)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406", "CVE-2012-3480"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:glibc", "p-cpe:/a:novell:suse_linux:11:glibc-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-devel", "p-cpe:/a:novell:suse_linux:11:glibc-devel-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-html", "p-cpe:/a:novell:suse_linux:11:glibc-i18ndata", "p-cpe:/a:novell:suse_linux:11:glibc-info", "p-cpe:/a:novell:suse_linux:11:glibc-locale", "p-cpe:/a:novell:suse_linux:11:glibc-locale-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-profile", "p-cpe:/a:novell:suse_linux:11:glibc-profile-32bit", "p-cpe:/a:novell:suse_linux:11:nscd", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_GLIBC-121129.NASL", "href": "https://www.tenable.com/plugins/nessus/64150", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64150);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\", \"CVE-2012-3480\");\n\n script_name(english:\"SuSE 11.2 Security Update : glibc (SAT Patch Number 7110)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This collective update for the GNU C library (glibc) provides the\nfollowing fixes :\n\n - Fix strtod integer/buffer overflows. (bnc#775690,\n CVE-2012-3480)\n\n - Fix vfprintf handling of many format specifiers.\n (bnc#770891, CVE-2012-3404 / CVE-2012-3405 /\n CVE-2012-3406)\n\n - Fix pthread_cond_timedwait stack unwinding. (bnc#750741,\n bnc#777233)\n\n - Improve fix for dynamic library unloading. (bnc#783060)\n\n - Fix resolver when first query fails, but second one\n succeeds. (bnc#767266)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=750741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=767266\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=770891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=775690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=777233\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=783060\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3404.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3405.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3406.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3480.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 7110.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-locale-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-profile-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"glibc-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"glibc-devel-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"glibc-i18ndata-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"glibc-locale-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"nscd-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i686\", reference:\"glibc-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i686\", reference:\"glibc-devel-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"glibc-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"glibc-32bit-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"glibc-devel-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"glibc-i18ndata-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"glibc-locale-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"nscd-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"glibc-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"glibc-devel-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"glibc-html-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"glibc-i18ndata-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"glibc-info-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"glibc-locale-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"glibc-profile-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"nscd-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"glibc-32bit-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"glibc-devel-32bit-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"glibc-locale-32bit-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"glibc-profile-32bit-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"glibc-32bit-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.11.3-17.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.11.3-17.43.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:32:30", "description": "It was discovered that positional arguments to the printf() family of functions were not handled properly in the GNU C Library. An attacker could possibly use this to cause a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code.\n(CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)\n\nIt was discovered that multiple integer overflows existed in the strtod(), strtof() and strtold() functions in the GNU C Library. An attacker could possibly use this to trigger a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code. (CVE-2012-3480).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-10-02T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : eglibc, glibc vulnerabilities (USN-1589-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406", "CVE-2012-3480"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libc6", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1589-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62388", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1589-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62388);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\", \"CVE-2012-3480\");\n script_bugtraq_id(54374, 54982);\n script_xref(name:\"USN\", value:\"1589-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : eglibc, glibc vulnerabilities (USN-1589-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that positional arguments to the printf() family of\nfunctions were not handled properly in the GNU C Library. An attacker\ncould possibly use this to cause a stack-based buffer overflow,\ncreating a denial of service or possibly execute arbitrary code.\n(CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)\n\nIt was discovered that multiple integer overflows existed in the\nstrtod(), strtof() and strtold() functions in the GNU C Library. An\nattacker could possibly use this to trigger a stack-based buffer\noverflow, creating a denial of service or possibly execute arbitrary\ncode. (CVE-2012-3480).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1589-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected libc6 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libc6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libc6\", pkgver:\"2.7-10ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libc6\", pkgver:\"2.11.1-0ubuntu7.11\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libc6\", pkgver:\"2.13-0ubuntu13.2\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libc6\", pkgver:\"2.13-20ubuntu5.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libc6\", pkgver:\"2.15-0ubuntu10.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libc6\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:34:42", "description": "Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. (CVE-2011-4108)\n\nA double free flaw was discovered in the policy checking code in OpenSSL. A remote attacker could use this flaw to crash an application that uses OpenSSL by providing an X.509 certificate that has specially crafted policy extension data. (CVE-2011-4109)\n\nAn information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. (CVE-2011-4576)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2012-01-25T00:00:00", "type": "nessus", "title": "RHEL 5 : openssl (RHSA-2012:0060)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4619"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2012-0060.NASL", "href": "https://www.tenable.com/plugins/nessus/57678", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0060. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57678);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_bugtraq_id(51281);\n script_xref(name:\"RHSA\", value:\"2012:0060\");\n\n script_name(english:\"RHEL 5 : openssl (RHSA-2012:0060)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS)\nprotocol implementation in OpenSSL leaked timing information when\nperforming certain operations. A remote attacker could possibly use\nthis flaw to retrieve plain text from the encrypted packets by using a\nDTLS server as a padding oracle. (CVE-2011-4108)\n\nA double free flaw was discovered in the policy checking code in\nOpenSSL. A remote attacker could use this flaw to crash an application\nthat uses OpenSSL by providing an X.509 certificate that has specially\ncrafted policy extension data. (CVE-2011-4109)\n\nAn information leak flaw was found in the SSL 3.0 protocol\nimplementation in OpenSSL. Incorrect initialization of SSL record\npadding bytes could cause an SSL client or server to send a limited\namount of possibly sensitive data to its SSL peer via the encrypted\nconnection. (CVE-2011-4576)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL\nhandshake restarts required to support Server Gated Cryptography. A\nremote attacker could use this flaw to make a TLS/SSL server using\nOpenSSL consume an excessive amount of CPU by continuously restarting\nthe handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0060\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4576\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4619\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected openssl, openssl-devel and / or openssl-perl\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0060\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"openssl-0.9.8e-20.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"openssl-devel-0.9.8e-20.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"openssl-perl-0.9.8e-20.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"openssl-perl-0.9.8e-20.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"openssl-perl-0.9.8e-20.el5_7.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:21:42", "description": "Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. (CVE-2011-4108)\n\nAn information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. (CVE-2011-4576)\n\nA denial of service flaw was found in the RFC 3779 implementation in OpenSSL. A remote attacker could use this flaw to make an application using OpenSSL exit unexpectedly by providing a specially crafted X.509 certificate that has malformed RFC 3779 extension data.\n(CVE-2011-4577)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2012-01-31T00:00:00", "type": "nessus", "title": "CentOS 6 : openssl (CESA-2012:0059)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:openssl", "p-cpe:/a:centos:centos:openssl-devel", "p-cpe:/a:centos:centos:openssl-perl", "p-cpe:/a:centos:centos:openssl-static", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2012-0059.NASL", "href": "https://www.tenable.com/plugins/nessus/57731", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0059 and \n# CentOS Errata and Security Advisory 2012:0059 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57731);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_bugtraq_id(51281);\n script_xref(name:\"RHSA\", value:\"2012:0059\");\n\n script_name(english:\"CentOS 6 : openssl (CESA-2012:0059)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS)\nprotocol implementation in OpenSSL leaked timing information when\nperforming certain operations. A remote attacker could possibly use\nthis flaw to retrieve plain text from the encrypted packets by using a\nDTLS server as a padding oracle. (CVE-2011-4108)\n\nAn information leak flaw was found in the SSL 3.0 protocol\nimplementation in OpenSSL. Incorrect initialization of SSL record\npadding bytes could cause an SSL client or server to send a limited\namount of possibly sensitive data to its SSL peer via the encrypted\nconnection. (CVE-2011-4576)\n\nA denial of service flaw was found in the RFC 3779 implementation in\nOpenSSL. A remote attacker could use this flaw to make an application\nusing OpenSSL exit unexpectedly by providing a specially crafted X.509\ncertificate that has malformed RFC 3779 extension data.\n(CVE-2011-4577)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL\nhandshake restarts required to support Server Gated Cryptography. A\nremote attacker could use this flaw to make a TLS/SSL server using\nOpenSSL consume an excessive amount of CPU by continuously restarting\nthe handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-January/018396.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dd0fba87\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-4576\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-1.0.0-20.el6_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-devel-1.0.0-20.el6_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-perl-1.0.0-20.el6_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-static-1.0.0-20.el6_2.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl / openssl-static\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:21:09", "description": "Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. (CVE-2011-4108)\n\nAn information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. (CVE-2011-4576)\n\nA denial of service flaw was found in the RFC 3779 implementation in OpenSSL. A remote attacker could use this flaw to make an application using OpenSSL exit unexpectedly by providing a specially crafted X.509 certificate that has malformed RFC 3779 extension data.\n(CVE-2011-4577)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2012-01-25T00:00:00", "type": "nessus", "title": "RHEL 6 : openssl (RHSA-2012:0059)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "p-cpe:/a:redhat:enterprise_linux:openssl-static", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.2"], "id": "REDHAT-RHSA-2012-0059.NASL", "href": "https://www.tenable.com/plugins/nessus/57677", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0059. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57677);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_bugtraq_id(51281);\n script_xref(name:\"RHSA\", value:\"2012:0059\");\n\n script_name(english:\"RHEL 6 : openssl (RHSA-2012:0059)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS)\nprotocol implementation in OpenSSL leaked timing information when\nperforming certain operations. A remote attacker could possibly use\nthis flaw to retrieve plain text from the encrypted packets by using a\nDTLS server as a padding oracle. (CVE-2011-4108)\n\nAn information leak flaw was found in the SSL 3.0 protocol\nimplementation in OpenSSL. Incorrect initialization of SSL record\npadding bytes could cause an SSL client or server to send a limited\namount of possibly sensitive data to its SSL peer via the encrypted\nconnection. (CVE-2011-4576)\n\nA denial of service flaw was found in the RFC 3779 implementation in\nOpenSSL. A remote attacker could use this flaw to make an application\nusing OpenSSL exit unexpectedly by providing a specially crafted X.509\ncertificate that has malformed RFC 3779 extension data.\n(CVE-2011-4577)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL\nhandshake restarts required to support Server Gated Cryptography. A\nremote attacker could use this flaw to make a TLS/SSL server using\nOpenSSL consume an excessive amount of CPU by continuously restarting\nthe handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4577\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4576\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4619\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0059\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-1.0.0-20.el6_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-debuginfo-1.0.0-20.el6_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-devel-1.0.0-20.el6_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-perl-1.0.0-20.el6_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-perl-1.0.0-20.el6_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.0-20.el6_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-static-1.0.0-20.el6_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-static-1.0.0-20.el6_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-static-1.0.0-20.el6_2.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:17:02", "description": "From Red Hat Security Advisory 2012:0059 :\n\nUpdated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. (CVE-2011-4108)\n\nAn information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. (CVE-2011-4576)\n\nA denial of service flaw was found in the RFC 3779 implementation in OpenSSL. A remote attacker could use this flaw to make an application using OpenSSL exit unexpectedly by providing a specially crafted X.509 certificate that has malformed RFC 3779 extension data.\n(CVE-2011-4577)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : openssl (ELSA-2012-0059)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:openssl", "p-cpe:/a:oracle:linux:openssl-devel", "p-cpe:/a:oracle:linux:openssl-perl", "p-cpe:/a:oracle:linux:openssl-static", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2012-0059.NASL", "href": "https://www.tenable.com/plugins/nessus/68437", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0059 and \n# Oracle Linux Security Advisory ELSA-2012-0059 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68437);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_bugtraq_id(51281, 51563);\n script_xref(name:\"RHSA\", value:\"2012:0059\");\n\n script_name(english:\"Oracle Linux 6 : openssl (ELSA-2012-0059)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0059 :\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS)\nprotocol implementation in OpenSSL leaked timing information when\nperforming certain operations. A remote attacker could possibly use\nthis flaw to retrieve plain text from the encrypted packets by using a\nDTLS server as a padding oracle. (CVE-2011-4108)\n\nAn information leak flaw was found in the SSL 3.0 protocol\nimplementation in OpenSSL. Incorrect initialization of SSL record\npadding bytes could cause an SSL client or server to send a limited\namount of possibly sensitive data to its SSL peer via the encrypted\nconnection. (CVE-2011-4576)\n\nA denial of service flaw was found in the RFC 3779 implementation in\nOpenSSL. A remote attacker could use this flaw to make an application\nusing OpenSSL exit unexpectedly by providing a specially crafted X.509\ncertificate that has malformed RFC 3779 extension data.\n(CVE-2011-4577)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL\nhandshake restarts required to support Server Gated Cryptography. A\nremote attacker could use this flaw to make a TLS/SSL server using\nOpenSSL consume an excessive amount of CPU by continuously restarting\nthe handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-January/002569.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"openssl-1.0.0-20.el6_2.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-devel-1.0.0-20.el6_2.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-perl-1.0.0-20.el6_2.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-static-1.0.0-20.el6_2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl / openssl-static\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:21:25", "description": "New upstream package with bugfixes and fixes for moderate and low impact CVEs.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-01-11T00:00:00", "type": "nessus", "title": "Fedora 16 : openssl-1.0.0f-1.fc16 (2012-0232)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-0232.NASL", "href": "https://www.tenable.com/plugins/nessus/57479", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-0232.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57479);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_bugtraq_id(51281);\n script_xref(name:\"FEDORA\", value:\"2012-0232\");\n\n script_name(english:\"Fedora 16 : openssl-1.0.0f-1.fc16 (2012-0232)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New upstream package with bugfixes and fixes for moderate and low\nimpact CVEs.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=771770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=771775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=771778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=771780\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/071789.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8e303d3f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"openssl-1.0.0f-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:20:12", "description": "It was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. (CVE-2011-4108)\n\nAn information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. (CVE-2011-4576)\n\nA denial of service flaw was found in the RFC 3779 implementation in OpenSSL. A remote attacker could use this flaw to make an application using OpenSSL exit unexpectedly by providing a specially crafted X.509 certificate that has malformed RFC 3779 extension data.\n(CVE-2011-4577)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619)", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : openssl (ALAS-2012-38)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:openssl", "p-cpe:/a:amazon:linux:openssl-debuginfo", "p-cpe:/a:amazon:linux:openssl-devel", "p-cpe:/a:amazon:linux:openssl-perl", "p-cpe:/a:amazon:linux:openssl-static", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-38.NASL", "href": "https://www.tenable.com/plugins/nessus/69645", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-38.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69645);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_xref(name:\"ALAS\", value:\"2012-38\");\n script_xref(name:\"RHSA\", value:\"2012:0059\");\n\n script_name(english:\"Amazon Linux AMI : openssl (ALAS-2012-38)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Datagram Transport Layer Security (DTLS)\nprotocol implementation in OpenSSL leaked timing information when\nperforming certain operations. A remote attacker could possibly use\nthis flaw to retrieve plain text from the encrypted packets by using a\nDTLS server as a padding oracle. (CVE-2011-4108)\n\nAn information leak flaw was found in the SSL 3.0 protocol\nimplementation in OpenSSL. Incorrect initialization of SSL record\npadding bytes could cause an SSL client or server to send a limited\namount of possibly sensitive data to its SSL peer via the encrypted\nconnection. (CVE-2011-4576)\n\nA denial of service flaw was found in the RFC 3779 implementation in\nOpenSSL. A remote attacker could use this flaw to make an application\nusing OpenSSL exit unexpectedly by providing a specially crafted X.509\ncertificate that has malformed RFC 3779 extension data.\n(CVE-2011-4577)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL\nhandshake restarts required to support Server Gated Cryptography. A\nremote attacker could use this flaw to make a TLS/SSL server using\nOpenSSL consume an excessive amount of CPU by continuously restarting\nthe handshake. (CVE-2011-4619)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-38.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update openssl' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"openssl-1.0.0g-1.26.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-debuginfo-1.0.0g-1.26.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-devel-1.0.0g-1.26.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-perl-1.0.0g-1.26.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-static-1.0.0g-1.26.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:29:37", "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. (CVE-2011-4108)\n\nA double free flaw was discovered in the policy checking code in OpenSSL. A remote attacker could use this flaw to crash an application that uses OpenSSL by providing an X.509 certificate that has specially crafted policy extension data. (CVE-2011-4109)\n\nAn information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. (CVE-2011-4576)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : openssl on SL5.x i386/x86_64 (20120124)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4619"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:openssl", "p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo", "p-cpe:/a:fermilab:scientific_linux:openssl-devel", "p-cpe:/a:fermilab:scientific_linux:openssl-perl", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120124_OPENSSL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61224", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61224);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n\n script_name(english:\"Scientific Linux Security Update : openssl on SL5.x i386/x86_64 (20120124)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS)\nprotocol implementation in OpenSSL leaked timing information when\nperforming certain operations. A remote attacker could possibly use\nthis flaw to retrieve plain text from the encrypted packets by using a\nDTLS server as a padding oracle. (CVE-2011-4108)\n\nA double free flaw was discovered in the policy checking code in\nOpenSSL. A remote attacker could use this flaw to crash an application\nthat uses OpenSSL by providing an X.509 certificate that has specially\ncrafted policy extension data. (CVE-2011-4109)\n\nAn information leak flaw was found in the SSL 3.0 protocol\nimplementation in OpenSSL. Incorrect initialization of SSL record\npadding bytes could cause an SSL client or server to send a limited\namount of possibly sensitive data to its SSL peer via the encrypted\nconnection. (CVE-2011-4576)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL\nhandshake restarts required to support Server Gated Cryptography. A\nremote attacker could use this flaw to make a TLS/SSL server using\nOpenSSL consume an excessive amount of CPU by continuously restarting\nthe handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1201&L=scientific-linux-errata&T=0&P=1447\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?36f0c920\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"openssl-0.9.8e-20.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openssl-debuginfo-0.9.8e-20.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openssl-devel-0.9.8e-20.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openssl-perl-0.9.8e-20.el5_7.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:33:22", "description": "Multiple vulnerabilities has been found and corrected in openssl :\n\nThe DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack (CVE-2011-4108).\n\nDouble free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check (CVE-2011-4109).\n\nThe SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer (CVE-2011-4576).\n\nThe Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service via unspecified vectors (CVE-2011-4619).\n\nThe updated packages have been patched to correct these issues.", "cvss3": {}, "published": "2012-01-17T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : openssl (MDVSA-2012:006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4619"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64openssl1.0.0-static-devel", "p-cpe:/a:mandriva:linux:libopenssl-engines1.0.0", "p-cpe:/a:mandriva:linux:libopenssl0.9.8", "p-cpe:/a:mandriva:linux:libopenssl1.0.0", "p-cpe:/a:mandriva:linux:lib64openssl-engines1.0.0", "p-cpe:/a:mandriva:linux:libopenssl1.0.0-devel", "p-cpe:/a:mandriva:linux:lib64openssl0.9.8", "p-cpe:/a:mandriva:linux:libopenssl1.0.0-static-devel", "p-cpe:/a:mandriva:linux:lib64openssl1.0.0", "p-cpe:/a:mandriva:linux:openssl", "p-cpe:/a:mandriva:linux:lib64openssl1.0.0-devel", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2012-006.NASL", "href": "https://www.tenable.com/plugins/nessus/57568", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:006. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57568);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_bugtraq_id(51281);\n script_xref(name:\"MDVSA\", value:\"2012:006\");\n\n script_name(english:\"Mandriva Linux Security Advisory : openssl (MDVSA-2012:006)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in openssl :\n\nThe DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f\nperforms a MAC check only if certain padding is valid, which makes it\neasier for remote attackers to recover plaintext via a padding oracle\nattack (CVE-2011-4108).\n\nDouble free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when\nX509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have\nan unspecified impact by triggering failure of a policy check\n(CVE-2011-4109).\n\nThe SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before\n1.0.0f does not properly initialize data structures for block cipher\npadding, which might allow remote attackers to obtain sensitive\ninformation by decrypting the padding data sent by an SSL peer\n(CVE-2011-4576).\n\nThe Server Gated Cryptography (SGC) implementation in OpenSSL before\n0.9.8s and 1.x before 1.0.0f does not properly handle handshake\nrestarts, which allows remote attackers to cause a denial of service\nvia unspecified vectors (CVE-2011-4619).\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20120104.txt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl-engines1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl1.0.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl1.0.0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl-engines1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl1.0.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl1.0.0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64openssl-engines1.0.0-1.0.0a-1.9mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-0.9.8s-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64openssl1.0.0-1.0.0a-1.9mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64openssl1.0.0-devel-1.0.0a-1.9mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64openssl1.0.0-static-devel-1.0.0a-1.9mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libopenssl-engines1.0.0-1.0.0a-1.9mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libopenssl0.9.8-0.9.8s-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libopenssl1.0.0-1.0.0a-1.9mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libopenssl1.0.0-devel-1.0.0a-1.9mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libopenssl1.0.0-static-devel-1.0.0a-1.9mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"openssl-1.0.0a-1.9mdv2010.2\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:27:36", "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. (CVE-2011-4108)\n\nAn information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. (CVE-2011-4576)\n\nA denial of service flaw was found in the RFC 3779 implementation in OpenSSL. A remote attacker could use this flaw to make an application using OpenSSL exit unexpectedly by providing a specially crafted X.509 certificate that has malformed RFC 3779 extension data.\n(CVE-2011-4577)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20120124)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:openssl", "p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo", "p-cpe:/a:fermilab:scientific_linux:openssl-devel", "p-cpe:/a:fermilab:scientific_linux:openssl-perl", "p-cpe:/a:fermilab:scientific_linux:openssl-static", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120124_OPENSSL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61225", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61225);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n\n script_name(english:\"Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20120124)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS)\nprotocol implementation in OpenSSL leaked timing information when\nperforming certain operations. A remote attacker could possibly use\nthis flaw to retrieve plain text from the encrypted packets by using a\nDTLS server as a padding oracle. (CVE-2011-4108)\n\nAn information leak flaw was found in the SSL 3.0 protocol\nimplementation in OpenSSL. Incorrect initialization of SSL record\npadding bytes could cause an SSL client or server to send a limited\namount of possibly sensitive data to its SSL peer via the encrypted\nconnection. (CVE-2011-4576)\n\nA denial of service flaw was found in the RFC 3779 implementation in\nOpenSSL. A remote attacker could use this flaw to make an application\nusing OpenSSL exit unexpectedly by providing a specially crafted X.509\ncertificate that has malformed RFC 3779 extension data.\n(CVE-2011-4577)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL\nhandshake restarts required to support Server Gated Cryptography. A\nremote attacker could use this flaw to make a TLS/SSL server using\nOpenSSL consume an excessive amount of CPU by continuously restarting\nthe handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1201&L=scientific-linux-errata&T=0&P=1943\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?60ef0d7f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"openssl-1.0.0-20.el6_2.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-debuginfo-1.0.0-20.el6_2.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-devel-1.0.0-20.el6_2.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-perl-1.0.0-20.el6_2.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-static-1.0.0-20.el6_2.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:20:53", "description": "New upstream package with bugfixes and fixes for moderate and low impact CVEs.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-01-16T00:00:00", "type": "nessus", "title": "Fedora 15 : openssl-1.0.0f-1.fc15 (2012-0250)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-0250.NASL", "href": "https://www.tenable.com/plugins/nessus/57546", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-0250.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57546);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\");\n script_xref(name:\"FEDORA\", value:\"2012-0250\");\n\n script_name(english:\"Fedora 15 : openssl-1.0.0f-1.fc15 (2012-0250)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New upstream package with bugfixes and fixes for moderate and low\nimpact CVEs.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=771770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=771775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=771778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=771780\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/071944.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?004d146e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"openssl-1.0.0f-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:13:17", "description": "From Red Hat Security Advisory 2012:0060 :\n\nUpdated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. (CVE-2011-4108)\n\nA double free flaw was discovered in the policy checking code in OpenSSL. A remote attacker could use this flaw to crash an application that uses OpenSSL by providing an X.509 certificate that has specially crafted policy extension data. (CVE-2011-4109)\n\nAn information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. (CVE-2011-4576)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : openssl (ELSA-2012-0060)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4619"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:openssl", "p-cpe:/a:oracle:linux:openssl-devel", "p-cpe:/a:oracle:linux:openssl-perl", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-0060.NASL", "href": "https://www.tenable.com/plugins/nessus/68438", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0060 and \n# Oracle Linux Security Advisory ELSA-2012-0060 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68438);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_bugtraq_id(51281, 51563);\n script_xref(name:\"RHSA\", value:\"2012:0060\");\n\n script_name(english:\"Oracle Linux 5 : openssl (ELSA-2012-0060)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0060 :\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS)\nprotocol implementation in OpenSSL leaked timing information when\nperforming certain operations. A remote attacker could possibly use\nthis flaw to retrieve plain text from the encrypted packets by using a\nDTLS server as a padding oracle. (CVE-2011-4108)\n\nA double free flaw was discovered in the policy checking code in\nOpenSSL. A remote attacker could use this flaw to crash an application\nthat uses OpenSSL by providing an X.509 certificate that has specially\ncrafted policy extension data. (CVE-2011-4109)\n\nAn information leak flaw was found in the SSL 3.0 protocol\nimplementation in OpenSSL. Incorrect initialization of SSL record\npadding bytes could cause an SSL client or server to send a limited\namount of possibly sensitive data to its SSL peer via the encrypted\nconnection. (CVE-2011-4576)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL\nhandshake restarts required to support Server Gated Cryptography. A\nremote attacker could use this flaw to make a TLS/SSL server using\nOpenSSL consume an excessive amount of CPU by continuously restarting\nthe handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-January/002567.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"openssl-0.9.8e-20.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openssl-devel-0.9.8e-20.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openssl-perl-0.9.8e-20.el5_7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:22:10", "description": "Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. (CVE-2011-4108)\n\nA double free flaw was discovered in the policy checking code in OpenSSL. A remote attacker could use this flaw to crash an application that uses OpenSSL by providing an X.509 certificate that has specially crafted policy extension data. (CVE-2011-4109)\n\nAn information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. (CVE-2011-4576)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2012-01-26T00:00:00", "type": "nessus", "title": "CentOS 5 : openssl (CESA-2012:0060)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4619"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:openssl", "p-cpe:/a:centos:centos:openssl-devel", "p-cpe:/a:centos:centos:openssl-perl", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-0060.NASL", "href": "https://www.tenable.com/plugins/nessus/57692", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0060 and \n# CentOS Errata and Security Advisory 2012:0060 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57692);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_bugtraq_id(51281);\n script_xref(name:\"RHSA\", value:\"2012:0060\");\n\n script_name(english:\"CentOS 5 : openssl (CESA-2012:0060)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that the Datagram Transport Layer Security (DTLS)\nprotocol implementation in OpenSSL leaked timing information when\nperforming certain operations. A remote attacker could possibly use\nthis flaw to retrieve plain text from the encrypted packets by using a\nDTLS server as a padding oracle. (CVE-2011-4108)\n\nA double free flaw was discovered in the policy checking code in\nOpenSSL. A remote attacker could use this flaw to crash an application\nthat uses OpenSSL by providing an X.509 certificate that has specially\ncrafted policy extension data. (CVE-2011-4109)\n\nAn information leak flaw was found in the SSL 3.0 protocol\nimplementation in OpenSSL. Incorrect initialization of SSL record\npadding bytes could cause an SSL client or server to send a limited\namount of possibly sensitive data to its SSL peer via the encrypted\nconnection. (CVE-2011-4576)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL\nhandshake restarts required to support Server Gated Cryptography. A\nremote attacker could use this flaw to make a TLS/SSL server using\nOpenSSL consume an excessive amount of CPU by continuously restarting\nthe handshake. (CVE-2011-4619)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-February/018421.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1eaa5dfb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-4109\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"openssl-0.9.8e-20.el5_7.1.0.1.centos\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"openssl-devel-0.9.8e-20.el5_7.1.0.1.centos\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"openssl-perl-0.9.8e-20.el5_7.1.0.1.centos\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:20:58", "description": "The OpenSSL Team reports :\n\n6 security flaws have been fixed in OpenSSL 1.0.0f :\n\nIf X509_V_FLAG_POLICY_CHECK is set in OpenSSL 0.9.8, then a policy check failure can lead to a double-free.\n\nOpenSSL prior to 1.0.0f and 0.9.8s failed to clear the bytes used as block cipher padding in SSL 3.0 records. As a result, in each record, up to 15 bytes of uninitialized memory may be sent, encrypted, to the SSL peer. This could include sensitive contents of previously freed memory.\n\nRFC 3779 data can be included in certificates, and if it is malformed, may trigger an assertion failure. This could be used in a denial-of-service attack.\n\nSupport for handshake restarts for server gated cryptograpy (SGC) can be used in a denial-of-service attack.\n\nA malicious TLS client can send an invalid set of GOST parameters which will cause the server to crash due to lack of error checking.\nThis could be used in a denial-of-service attack.", "cvss3": {}, "published": "2012-01-16T00:00:00", "type": "nessus", "title": "FreeBSD : OpenSSL -- multiple vulnerabilities (78cc8a46-3e56-11e1-89b4-001ec9578670)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:openssl", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_78CC8A463E5611E189B4001EC9578670.NASL", "href": "https://www.tenable.com/plugins/nessus/57551", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57551);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0027\");\n script_bugtraq_id(51281);\n\n script_name(english:\"FreeBSD : OpenSSL -- multiple vulnerabilities (78cc8a46-3e56-11e1-89b4-001ec9578670)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The OpenSSL Team reports :\n\n6 security flaws have been fixed in OpenSSL 1.0.0f :\n\nIf X509_V_FLAG_POLICY_CHECK is set in OpenSSL 0.9.8, then a policy\ncheck failure can lead to a double-free.\n\nOpenSSL prior to 1.0.0f and 0.9.8s failed to clear the bytes used as\nblock cipher padding in SSL 3.0 records. As a result, in each record,\nup to 15 bytes of uninitialized memory may be sent, encrypted, to the\nSSL peer. This could include sensitive contents of previously freed\nmemory.\n\nRFC 3779 data can be included in certificates, and if it is malformed,\nmay trigger an assertion failure. This could be used in a\ndenial-of-service attack.\n\nSupport for handshake restarts for server gated cryptograpy (SGC) can\nbe used in a denial-of-service attack.\n\nA malicious TLS client can send an invalid set of GOST parameters\nwhich will cause the server to crash due to lack of error checking.\nThis could be used in a denial-of-service attack.\"\n );\n # http://openssl.org/news/secadv/20120104.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20120104.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/78cc8a46-3e56-11e1-89b4-001ec9578670.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?726bda3b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"openssl<1.0.0_8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:17", "description": "Versions of OpenSSL 0.9.8 earlier than 0.9.8s, and 1.0.0 earlier than 1.0.0f are potentially affected by the following vulnerabilities :\n\n - An extension of the Vaudenay padding oracle attack exists against CBC mode encryption which enables an efficient plaintext recovery attack against the OpenSSL implementation of DTLS. (CVE-2011-4108)\n\n - If x509_V_FLAG_POLICY_CHECK is set in OpenSSL 0.9.8, then a policy check failure can lead to a double-free. (CVE-2011-4109)\n\n - OpenSSL fails to clear the bytes used as block cipher padding in SSL 3.0 records. As a result, in each record, up to 15 bytes of uninitialized memory may be sent, encrypted, to the SSL peer. (CVE-2011-4576)\n\n - RFC 3779 data can be included in certificates, and if it is malformed, may trigger an assertion failure. This could be used in a denial-of-service attack. (CVE-2011-4577)\n\n - Support for handshake restarts for server gated cryptography (SGC) can be used in a denial-of-service attack. (CVE-2011-4619)\n\n - A malicious TLS client can send an invalid set of GOST parameters which will cause the server to crash due to a lack of error checking. (CVE-2012-0027)", "cvss3": {}, "published": "2012-01-05T00:00:00", "type": "nessus", "title": "OpenSSL 0.9.8 < 0.9.8s / 1.x < 1.0.0f Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027"], "modified": "2012-01-05T00:00:00", "cpe": [], "id": "801059.PRM", "href": "https://www.tenable.com/plugins/lce/801059", "sourceData": "Binary data 801059.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:20:47", "description": "According to its banner, the remote web server is running a version of OpenSSL older than 0.9.8s. Such versions have the following vulnerabilities :\n\n - An error exists related to ECDSA signatures and binary curves. The implementation of curves over binary fields could allow a remote, unauthenticated attacker to determine private key material via timing attacks.\n (CVE-2011-1945)\n\n - The Datagram Transport Layer Security (DTLS) implementation is vulnerable to plaintext recovery attacks when decrypting in CBC mode. (CVE-2011-4108)\n\n - A double-free error exists during a policy check failure if the flag 'X509_V_FLAG_POLICY_CHECK' is set.\n (CVE-2011-4109)\n\n - An error exists related to SSLv3.0 records that can lead to disclosure of uninitialized memory because the library does not clear all bytes used as block cipher padding. (CVE-2011-4576)\n\n - An error exists related to RFC 3779 processing that can allow denial of service attacks. Note that this functionality is not enabled by default and must be configured at compile time via the 'enable-rfc3779' option. (CVE-2011-4577)\n\n - An error exists related to handshake restarts for server gated cryptography (SGC) that can allow denial of service attacks. (CVE-2011-4619)", "cvss3": {}, "published": "2012-01-09T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.8s Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1945", "CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619"], "modified": "2023-08-22T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_0_9_8S.NASL", "href": "https://www.tenable.com/plugins/nessus/57459", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(57459);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/08/22\");\n\n script_cve_id(\n \"CVE-2011-1945\",\n \"CVE-2011-4108\",\n \"CVE-2011-4109\",\n \"CVE-2011-4576\",\n \"CVE-2011-4577\",\n \"CVE-2011-4619\"\n );\n script_bugtraq_id(51281, 47888);\n script_xref(name:\"CERT\", value:\"536044\");\n\n script_name(english:\"OpenSSL < 0.9.8s Multiple Vulnerabilities\");\n script_summary(english:\"Does a banner check\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote web server has multiple SSL-related vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its banner, the remote web server is running a version\nof OpenSSL older than 0.9.8s. Such versions have the following\nvulnerabilities :\n\n - An error exists related to ECDSA signatures and binary\n curves. The implementation of curves over binary fields\n could allow a remote, unauthenticated attacker to\n determine private key material via timing attacks.\n (CVE-2011-1945)\n\n - The Datagram Transport Layer Security (DTLS)\n implementation is vulnerable to plaintext recovery\n attacks when decrypting in CBC mode. (CVE-2011-4108)\n\n - A double-free error exists during a policy check\n failure if the flag 'X509_V_FLAG_POLICY_CHECK' is set.\n (CVE-2011-4109)\n\n - An error exists related to SSLv3.0 records that can \n lead to disclosure of uninitialized memory because the\n library does not clear all bytes used as block cipher\n padding. (CVE-2011-4576)\n\n - An error exists related to RFC 3779 processing that can\n allow denial of service attacks. Note that this \n functionality is not enabled by default and must be\n configured at compile time via the 'enable-rfc3779'\n option. (CVE-2011-4577)\n\n - An error exists related to handshake restarts for \n server gated cryptography (SGC) that can allow denial\n of service attacks. (CVE-2011-4619)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20120104.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/changelog.html\"\n );\n # Google html cache of AlFardan & Paterson PDF\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c0f10f36\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2011/232.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"http://cvs.openssl.org/chngview?cn=21301\");\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade to OpenSSL 0.9.8s or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-4109\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2023 Tenable Network Security, Inc.\");\n\n script_dependencies(\"openssl_version.nasl\", \"openssl_nix_installed.nbin\", \"openssl_win_installed.nbin\");\n script_require_keys(\"installed_sw/OpenSSL\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras_openssl.inc');\n\nvar app_info = vcf::combined_get_app_info(app:'OpenSSL');\n\nvcf::check_all_backporting(app_info:app_info);\n\nvar constraints = [{ 'min_version' : '0.0.0', 'fixed_version' : '0.9.8s'}];\n\nvcf::openssl::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:17", "description": "Versions of OpenSSL 0.9.8 earlier than 0.9.8s, and 1.0.0 earlier than 1.0.0f are potentially affected by the following vulnerabilities :\n\n - An extension of the Vaudenay padding oracle attack exists against CBC mode encryption which enables an efficient plaintext recovery attack against the OpenSSL implementation of DTLS. (CVE-2011-4108)\n\n - If x509_V_FLAG_POLICY_CHECK is set in OpenSSL 0.9.8, then a policy check failure can lead to a double-free. (CVE-2011-4109)\n\n - OpenSSL fails to clear the bytes used as block cipher padding in SSL 3.0 records. As a result, in each record, up to 15 bytes of uninitialized memory may be sent, encrypted, to the SSL peer. (CVE-2011-4576)\n\n - RFC 3779 data can be included in certificates, and if it is malformed, may trigger an assertion failure. This could be used in a denial-of-service attack. (CVE-2011-4577)\n\n - Support for handshake restarts for server gated cryptography (SGC) can be used in a denial-of-service attack. (CVE-2011-4619)\n\n - A malicious TLS client can send an invalid set of GOST parameters which will cause the server to crash due to a lack of error checking. (CVE-2012-0027)", "cvss3": {}, "published": "2012-01-05T00:00:00", "type": "nessus", "title": "OpenSSL 0.9.8 < 0.9.8s / 1.x < 1.0.0f Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "6129.PRM", "href": "https://www.tenable.com/plugins/nnm/6129", "sourceData": "Binary data 6129.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:48:05", "description": "The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly.\n\nMultiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort. (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)\n\nThis update also fixes the following bug :\n\n - A programming error caused an internal array of nameservers to be only partially initialized when the /etc/resolv.conf file contained IPv6 nameservers.\n Depending on the contents of a nearby structure, this could cause certain applications to terminate unexpectedly with a segmentation fault. The programming error has been fixed, which restores proper behavior with IPv6 nameservers listed in the /etc/resolv.conf file.\n\nAll users of glibc are advised to upgrade to these updated packages, which contain backported patches to fix these issues.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20120718)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:glibc", "p-cpe:/a:fermilab:scientific_linux:glibc-common", "p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo", "p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo-common", "p-cpe:/a:fermilab:scientific_linux:glibc-devel", "p-cpe:/a:fermilab:scientific_linux:glibc-headers", "p-cpe:/a:fermilab:scientific_linux:glibc-static", "p-cpe:/a:fermilab:scientific_linux:glibc-utils", "p-cpe:/a:fermilab:scientific_linux:nscd", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120718_GLIBC_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61369", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61369);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\");\n\n script_name(english:\"Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20120718)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The glibc packages provide the standard C and standard math libraries\nused by multiple programs on the system. Without these libraries, the\nLinux system cannot function properly.\n\nMultiple errors in glibc's formatted printing functionality could\nallow an attacker to bypass FORTIFY_SOURCE protections and execute\narbitrary code using a format string flaw in an application, even\nthough these protections are expected to limit the impact of such\nflaws to an application abort. (CVE-2012-3404, CVE-2012-3405,\nCVE-2012-3406)\n\nThis update also fixes the following bug :\n\n - A programming error caused an internal array of\n nameservers to be only partially initialized when the\n /etc/resolv.conf file contained IPv6 nameservers.\n Depending on the contents of a nearby structure, this\n could cause certain applications to terminate\n unexpectedly with a segmentation fault. The programming\n error has been fixed, which restores proper behavior\n with IPv6 nameservers listed in the /etc/resolv.conf\n file.\n\nAll users of glibc are advised to upgrade to these updated packages,\nwhich contain backported patches to fix these issues.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1207&L=scientific-linux-errata&T=0&P=5595\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8eb6dd77\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"glibc-2.12-1.80.el6_3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-common-2.12-1.80.el6_3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-debuginfo-2.12-1.80.el6_3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-debuginfo-common-2.12-1.80.el6_3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-devel-2.12-1.80.el6_3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-headers-2.12-1.80.el6_3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-static-2.12-1.80.el6_3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-utils-2.12-1.80.el6_3.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nscd-2.12-1.80.el6_3.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:19:17", "description": "Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort.", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : glibc (ALAS-2012-109)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:glibc", "p-cpe:/a:amazon:linux:glibc-common", "p-cpe:/a:amazon:linux:glibc-debuginfo", "p-cpe:/a:amazon:linux:glibc-debuginfo-common", "p-cpe:/a:amazon:linux:glibc-devel", "p-cpe:/a:amazon:linux:glibc-headers", "p-cpe:/a:amazon:linux:glibc-static", "p-cpe:/a:amazon:linux:glibc-utils", "p-cpe:/a:amazon:linux:nscd", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-109.NASL", "href": "https://www.tenable.com/plugins/nessus/69599", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-109.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69599);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\");\n script_xref(name:\"ALAS\", value:\"2012-109\");\n script_xref(name:\"RHSA\", value:\"2012:1098\");\n\n script_name(english:\"Amazon Linux AMI : glibc (ALAS-2012-109)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple errors in glibc's formatted printing functionality could\nallow an attacker to bypass FORTIFY_SOURCE protections and execute\narbitrary code using a format string flaw in an application, even\nthough these protections are expected to limit the impact of such\nflaws to an application abort.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-109.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update glibc' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"glibc-2.12-1.80.40.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-common-2.12-1.80.40.amzn1\")) flag++;\nif (rpm_check(r