ID VMWARE_ESXI_5_1_BUILD_2323236_REMOTE.NASL Type nessus Reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. Modified 2020-10-02T00:00:00
Description
The remote VMware ESXi host is version 5.1 prior to build 2323236. It
is, therefore, affected by the following vulnerabilities in bundled
third-party libraries :
Multiple vulnerabilities exist in the bundled Python
library. (CVE-2011-3389, CVE-2012-0845, CVE-2012-0876,
CVE-2012-1150, CVE-2013-1752, CVE-2013-4238)
Multiple vulnerabilities exist in the bundled GNU C
Library (glibc). (CVE-2013-0242, CVE-2013-1914,
CVE-2013-4332)
Multiple vulnerabilities exist in the bundled XML
Parser library (libxml2). (CVE-2013-2877, CVE-2014-0191)
Multiple vulnerabilities exist in the bundled cURL
library (libcurl). (CVE-2014-0015, CVE-2014-0138)
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(79862);
script_version("1.14");
script_cvs_date("Date: 2019/09/24 15:02:54");
script_cve_id(
"CVE-2011-3389",
"CVE-2012-0845",
"CVE-2012-0876",
"CVE-2012-1150",
"CVE-2013-0242",
"CVE-2013-1752",
"CVE-2013-1914",
"CVE-2013-2877",
"CVE-2013-4238",
"CVE-2013-4332",
"CVE-2014-0015",
"CVE-2014-0138",
"CVE-2014-0191"
);
script_bugtraq_id(
49778,
51239,
51996,
52379,
57638,
58839,
61050,
61738,
62324,
63804,
65270,
66457,
67233
);
script_xref(name:"VMSA", value:"2014-0008");
script_xref(name:"VMSA", value:"2014-0012");
script_xref(name:"CERT", value:"864643");
script_name(english:"ESXi 5.1 < Build 2323236 Third-Party Libraries Multiple Vulnerabilities (remote check) (BEAST)");
script_summary(english:"Checks the ESXi version and build number.");
script_set_attribute(attribute:"synopsis", value:
"The remote VMware ESXi 5.1 host is affected by multiple
vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The remote VMware ESXi host is version 5.1 prior to build 2323236. It
is, therefore, affected by the following vulnerabilities in bundled
third-party libraries :
- Multiple vulnerabilities exist in the bundled Python
library. (CVE-2011-3389, CVE-2012-0845, CVE-2012-0876,
CVE-2012-1150, CVE-2013-1752, CVE-2013-4238)
- Multiple vulnerabilities exist in the bundled GNU C
Library (glibc). (CVE-2013-0242, CVE-2013-1914,
CVE-2013-4332)
- Multiple vulnerabilities exist in the bundled XML
Parser library (libxml2). (CVE-2013-2877, CVE-2014-0191)
- Multiple vulnerabilities exist in the bundled cURL
library (libcurl). (CVE-2014-0015, CVE-2014-0138)");
# https://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=2086288
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5994bfcf");
script_set_attribute(attribute:"see_also", value:"https://www.vmware.com/security/advisories/VMSA-2014-0008.html");
script_set_attribute(attribute:"see_also", value:"https://www.vmware.com/security/advisories/VMSA-2014-0012.html");
script_set_attribute(attribute:"solution", value:"Apply patch ESXi510-201412101-SG for ESXi 5.1.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi");
script_set_attribute(attribute:"vuln_publication_date", value:"2011/08/31");
script_set_attribute(attribute:"patch_publication_date", value:"2014/12/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/12/12");
script_set_attribute(attribute:"in_the_news", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.");
script_family(english:"Misc.");
script_dependencies("vmware_vsphere_detect.nbin");
script_require_keys("Host/VMware/version", "Host/VMware/release");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
ver = get_kb_item_or_exit("Host/VMware/version");
rel = get_kb_item_or_exit("Host/VMware/release");
if ("ESXi" >!< rel) audit(AUDIT_OS_NOT, "ESXi");
if ("VMware ESXi 5.1" >!< rel) audit(AUDIT_OS_NOT, "ESXi 5.1");
match = eregmatch(pattern:'^VMware ESXi.*build-([0-9]+)$', string:rel);
if (isnull(match)) exit(1, 'Failed to extract the ESXi build number.');
build = int(match[1]);
fixed_build = 2323236;
if (build < fixed_build)
{
if (report_verbosity > 0)
{
report = '\n ESXi version : ' + ver +
'\n Installed build : ' + build +
'\n Fixed build : ' + fixed_build +
'\n';
security_warning(port:0, extra:report);
}
else security_warning(0);
}
else audit(AUDIT_INST_VER_NOT_VULN, "VMware ESXi", ver - "ESXi " + " build " + build);
{"nessus": [{"lastseen": "2020-10-01T03:46:04", "description": "The remote VMware ESXi host is affected by multiple vulnerabilities :\n\n - Multiple denial of service vulnerabilities exist in\n Python function _read_status() in library httplib and\n in function readline() in libraries smtplib, ftplib,\n nntplib, imaplib, and poplib. A remote attacker can\n exploit these vulnerabilities to crash the module.\n (CVE-2013-1752)\n\n - A out-of-bounds read error exists in file parser.c in\n library libxml2 due to a failure to properly check the\n XML_PARSER_EOF state. An unauthenticated, remote\n attacker can exploit this, via a crafted document that\n abruptly ends, to cause a denial of service.\n (CVE-2013-2877)\n\n - A spoofing vulnerability exists in the Python SSL module\n in the ssl.match_hostname() function due to improper\n handling of the NULL character ('\\0') in a domain name\n in the Subject Alternative Name field of an X.509\n certificate. A man-in-the-middle attacker can exploit\n this, via a crafted certificate issued by a legitimate\n certification authority, to spoof arbitrary SSL servers.\n (CVE-2013-4238)\n\n - cURL and libcurl are affected by a flaw related to the\n re-use of NTLM connections whenever more than one\n authentication method is enabled. An unauthenticated,\n remote attacker can exploit this, via a crafted request,\n to connect and impersonate other users. (CVE-2014-0015)\n\n - The default configuration in cURL and libcurl reuses the\n SCP, SFTP, POP3, POP3S, IMAP, IMAPS, SMTP, SMTPS, LDAP,\n and LDAPS connections. An unauthenticated, remote\n attacker can exploit this, via a crafted request, to \n connect and impersonate other users. (CVE-2014-0138)\n\n - A flaw exists in the xmlParserHandlePEReference()\n function in file parser.c in libxml2 due to loading\n external entities regardless of entity substitution or\n validation being enabled. An unauthenticated, remote\n attacker can exploit this, via a crafted XML document,\n to exhaust resources, resulting in a denial of service.\n (CVE-2014-0191)", "edition": 22, "published": "2015-12-30T00:00:00", "title": "VMware ESXi Multiple Vulnerabilities (VMSA-2014-0012)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0191", "CVE-2013-4238", "CVE-2013-2877", "CVE-2014-0015", "CVE-2013-1752", "CVE-2014-0138"], "modified": "2020-10-02T00:00:00", "cpe": ["cpe:/o:vmware:esxi:5.0", "cpe:/o:vmware:esxi:5.5", "cpe:/o:vmware:esxi:5.1"], "id": "VMWARE_VMSA-2014-0012_REMOTE.NASL", "href": "https://www.tenable.com/plugins/nessus/87681", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87681);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/08/06 14:03:16\");\n\n script_cve_id(\n \"CVE-2013-1752\",\n \"CVE-2013-2877\",\n \"CVE-2013-4238\",\n \"CVE-2014-0015\",\n \"CVE-2014-0138\",\n \"CVE-2014-0191\"\n );\n script_bugtraq_id(\n 61050,\n 61738,\n 63804,\n 65270,\n 66457,\n 67233\n );\n script_xref(name:\"VMSA\", value:\"2014-0012\");\n\n script_name(english:\"VMware ESXi Multiple Vulnerabilities (VMSA-2014-0012)\");\n script_summary(english:\"Checks the version and build numbers of the remote host.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote VMware ESXi host is missing a security-related patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote VMware ESXi host is affected by multiple vulnerabilities :\n\n - Multiple denial of service vulnerabilities exist in\n Python function _read_status() in library httplib and\n in function readline() in libraries smtplib, ftplib,\n nntplib, imaplib, and poplib. A remote attacker can\n exploit these vulnerabilities to crash the module.\n (CVE-2013-1752)\n\n - A out-of-bounds read error exists in file parser.c in\n library libxml2 due to a failure to properly check the\n XML_PARSER_EOF state. An unauthenticated, remote\n attacker can exploit this, via a crafted document that\n abruptly ends, to cause a denial of service.\n (CVE-2013-2877)\n\n - A spoofing vulnerability exists in the Python SSL module\n in the ssl.match_hostname() function due to improper\n handling of the NULL character ('\\0') in a domain name\n in the Subject Alternative Name field of an X.509\n certificate. A man-in-the-middle attacker can exploit\n this, via a crafted certificate issued by a legitimate\n certification authority, to spoof arbitrary SSL servers.\n (CVE-2013-4238)\n\n - cURL and libcurl are affected by a flaw related to the\n re-use of NTLM connections whenever more than one\n authentication method is enabled. An unauthenticated,\n remote attacker can exploit this, via a crafted request,\n to connect and impersonate other users. (CVE-2014-0015)\n\n - The default configuration in cURL and libcurl reuses the\n SCP, SFTP, POP3, POP3S, IMAP, IMAPS, SMTP, SMTPS, LDAP,\n and LDAPS connections. An unauthenticated, remote\n attacker can exploit this, via a crafted request, to \n connect and impersonate other users. (CVE-2014-0138)\n\n - A flaw exists in the xmlParserHandlePEReference()\n function in file parser.c in libxml2 due to loading\n external entities regardless of entity substitution or\n validation being enabled. An unauthenticated, remote\n attacker can exploit this, via a crafted XML document,\n to exhaust resources, resulting in a denial of service.\n (CVE-2014-0191)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2014-0012\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.vmware.com/pipermail/security-announce/2015/000287.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the vendor advisory that\npertains to ESXi version 5.0 / 5.1 / 5.5.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:5.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:5.5\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"vmware_vsphere_detect.nbin\");\n script_require_keys(\"Host/VMware/version\", \"Host/VMware/release\");\n script_require_ports(\"Host/VMware/vsphere\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit(\"Host/VMware/version\");\nrel = get_kb_item_or_exit(\"Host/VMware/release\");\nport = get_kb_item_or_exit(\"Host/VMware/vsphere\");\n\npci = FALSE;\npci = get_kb_item(\"Settings/PCI_DSS\");\n\nif (\"ESXi\" >!< rel)\n audit(AUDIT_OS_NOT, \"VMware ESXi\");\n\nesx = \"ESXi\";\n\nextract = eregmatch(pattern:\"^ESXi (\\d\\.\\d).*$\", string:ver);\nif (isnull(extract))\n audit(AUDIT_UNKNOWN_APP_VER, \"VMware ESXi\");\nelse\n ver = extract[1];\n\nfixes = make_array(\n \"5.0\", \"See vendor\",\n \"5.1\", \"2323236\",\n \"5.5\", \"See vendor\"\n );\n\nfix = FALSE;\nfix = fixes[ver];\n\n# get the build before checking the fix for the most complete audit trail\nextract = eregmatch(pattern:'^VMware ESXi.* build-([0-9]+)$', string:rel);\nif (isnull(extract))\n audit(AUDIT_UNKNOWN_BUILD, \"VMware ESXi\", ver);\n\nbuild = int(extract[1]);\n\n# if there is no fix in the array, fix is FALSE\nif(!fix)\n audit(AUDIT_INST_VER_NOT_VULN, \"VMware ESXi\", ver, build);\n\nif (!pci && fix == \"See vendor\")\n audit(AUDIT_PCI);\n\nvuln = FALSE;\n\n# This is for PCI reporting\nif (pci && fix == \"See vendor\")\n vuln = TRUE;\nelse if (build < fix )\n vuln = TRUE;\n\nif (vuln)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Version : ESXi ' + ver +\n '\\n Installed build : ' + build +\n '\\n Fixed build : ' + fix +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else\n security_warning(port:port);\n\n exit(0);\n}\nelse\n audit(AUDIT_INST_VER_NOT_VULN, \"VMware ESXi\", ver, build);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-10-01T03:46:04", "description": "a. VMware vCSA cross-site scripting vulnerability\n\n VMware vCenter Server Appliance (vCSA) contains a vulnerability\n that may allow for Cross Site Scripting. Exploitation of this \n vulnerability in vCenter Server requires tricking a user to click\n on a malicious link or to open a malicious web page. \n\n VMware would like to thank Tanya Secker of Trustwave SpiderLabs for \n reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) \n has assigned the name CVE-2014-3797 to this issue. \n\nb. vCenter Server certificate validation issue\n\n vCenter Server does not properly validate the presented certificate \n when establishing a connection to a CIM Server residing on an ESXi \n host. This may allow for a Man-in-the-middle attack against the CIM \n service.\n\n VMware would like to thank The Google Security Team for reporting \n this issue to us.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the identifier CVE-2014-8371 to this issue. \n\n c. Update to ESXi libxml2 package\n\n libxml2 is updated to address multiple security issues. \n\n The Common Vulnerabilities and Exposures project \n (cve.mitre.org) has assigned the names CVE-2013-2877 and\n CVE-2014-0191 to these issues. \n\n d. Update to ESXi Curl package\n\n Curl is updated to address multiple security issues. \n\n The Common Vulnerabilities and Exposures project \n (cve.mitre.org) has assigned the names CVE-2014-0015 and \n CVE-2014-0138 to these issues. \n\n e. Update to ESXi Python package\n\n Python is updated to address multiple security issues. \n\n The Common Vulnerabilities and Exposures project \n (cve.mitre.org) has assigned the names CVE-2013-1752 and \n CVE-2013-4238 to these issues. \n\n f. vCenter and Update Manager, Oracle JRE 1.6 Update 81\n\n Oracle has documented the CVE identifiers that are addressed in \n JRE 1.6.0 update 81 in the Oracle Java SE Critical Patch Update\n Advisory of July 2014. The References section provides a link to\n this advisory.", "edition": 20, "published": "2014-12-06T00:00:00", "title": "VMSA-2014-0012 : VMware vSphere product updates address security vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3797", "CVE-2014-0191", "CVE-2013-4238", "CVE-2013-2877", "CVE-2014-0015", "CVE-2013-1752", "CVE-2014-8371", "CVE-2014-0138"], "modified": "2020-10-02T00:00:00", "cpe": ["cpe:/o:vmware:esxi:5.1"], "id": "VMWARE_VMSA-2014-0012.NASL", "href": "https://www.tenable.com/plugins/nessus/79762", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2014-0012. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79762);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/24 15:02:54\");\n\n script_cve_id(\"CVE-2013-1752\", \"CVE-2013-2877\", \"CVE-2013-4238\", \"CVE-2014-0015\", \"CVE-2014-0138\", \"CVE-2014-0191\", \"CVE-2014-3797\", \"CVE-2014-8371\");\n script_bugtraq_id(61050, 61738, 63804, 65270, 66457, 67233, 71492, 71493);\n script_xref(name:\"VMSA\", value:\"2014-0012\");\n\n script_name(english:\"VMSA-2014-0012 : VMware vSphere product updates address security vulnerabilities\");\n script_summary(english:\"Checks esxupdate output for the patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote VMware ESXi host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"a. VMware vCSA cross-site scripting vulnerability\n\n VMware vCenter Server Appliance (vCSA) contains a vulnerability\n that may allow for Cross Site Scripting. Exploitation of this \n vulnerability in vCenter Server requires tricking a user to click\n on a malicious link or to open a malicious web page. \n\n VMware would like to thank Tanya Secker of Trustwave SpiderLabs for \n reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) \n has assigned the name CVE-2014-3797 to this issue. \n\nb. vCenter Server certificate validation issue\n\n vCenter Server does not properly validate the presented certificate \n when establishing a connection to a CIM Server residing on an ESXi \n host. This may allow for a Man-in-the-middle attack against the CIM \n service.\n\n VMware would like to thank The Google Security Team for reporting \n this issue to us.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the identifier CVE-2014-8371 to this issue. \n\n c. Update to ESXi libxml2 package\n\n libxml2 is updated to address multiple security issues. \n\n The Common Vulnerabilities and Exposures project \n (cve.mitre.org) has assigned the names CVE-2013-2877 and\n CVE-2014-0191 to these issues. \n\n d. Update to ESXi Curl package\n\n Curl is updated to address multiple security issues. \n\n The Common Vulnerabilities and Exposures project \n (cve.mitre.org) has assigned the names CVE-2014-0015 and \n CVE-2014-0138 to these issues. \n\n e. Update to ESXi Python package\n\n Python is updated to address multiple security issues. \n\n The Common Vulnerabilities and Exposures project \n (cve.mitre.org) has assigned the names CVE-2013-1752 and \n CVE-2013-4238 to these issues. \n\n f. vCenter and Update Manager, Oracle JRE 1.6 Update 81\n\n Oracle has documented the CVE identifiers that are addressed in \n JRE 1.6.0 update 81 in the Oracle Java SE Critical Patch Update\n Advisory of July 2014. The References section provides a link to\n this advisory.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2015/000287.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:5.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/release\", \"Host/VMware/version\");\n script_require_ports(\"Host/VMware/esxupdate\", \"Host/VMware/esxcli_software_vibs\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"vmware_esx_packages.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/VMware/release\")) audit(AUDIT_OS_NOT, \"VMware ESX / ESXi\");\nif (\n !get_kb_item(\"Host/VMware/esxcli_software_vibs\") &&\n !get_kb_item(\"Host/VMware/esxupdate\")\n) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ninit_esx_check(date:\"2014-12-04\");\nflag = 0;\n\n\nif (esx_check(ver:\"ESXi 5.1\", vib:\"VMware:esx-base:5.1.0-2.47.2323231\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:esx_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-10-01T02:45:17", "description": "The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The SSL protocol, as used in certain configurations in\n Microsoft Windows and Microsoft Internet Explorer,\n Mozilla Firefox, Google Chrome, Opera, and other\n products, encrypts data by using CBC mode with chained\n initialization vectors, which allows man-in-the-middle\n attackers to obtain plaintext HTTP headers via a\n blockwise chosen-boundary attack (BCBA) on an HTTPS\n session, in conjunction with JavaScript code that uses\n (1) the HTML5 WebSocket API, (2) the Java URLConnection\n API, or (3) the Silverlight WebClient API, aka a 'BEAST'\n attack. (CVE-2011-3389)\n\n - SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python\n before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and\n 3.2.x before 3.2.3 allows remote attackers to cause a\n denial of service (infinite loop and CPU consumption)\n via an XML-RPC POST request that contains a smaller\n amount of data than specified by the Content-Length\n header. (CVE-2012-0845)\n\n - The XML parser (xmlparse.c) in expat before 2.1.0\n computes hash values without restricting the ability to\n trigger hash collisions predictably, which allows\n context-dependent attackers to cause a denial of service\n (CPU consumption) via an XML file with many identifiers\n with the same value. (CVE-2012-0876)\n\n - Python before 2.6.8, 2.7.x before 2.7.3, 3.x before\n 3.1.5, and 3.2.x before 3.2.3 computes hash values\n without restricting the ability to trigger hash\n collisions predictably, which allows context-dependent\n attackers to cause a denial of service (CPU consumption)\n via crafted input to an application that maintains a\n hash table. (CVE-2012-1150)", "edition": 21, "published": "2015-01-19T00:00:00", "title": "Oracle Solaris Third-Party Patch Update : python (multiple_vulnerabilities_in_python) (BEAST)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1150", "CVE-2011-3389", "CVE-2012-0876", "CVE-2012-0845"], "modified": "2020-10-02T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:python", "cpe:/o:oracle:solaris:11.1"], "id": "SOLARIS11_PYTHON_20130410.NASL", "href": "https://www.tenable.com/plugins/nessus/80749", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80749);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/15 20:50:24\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-0845\", \"CVE-2012-0876\", \"CVE-2012-1150\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : python (multiple_vulnerabilities_in_python) (BEAST)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The SSL protocol, as used in certain configurations in\n Microsoft Windows and Microsoft Internet Explorer,\n Mozilla Firefox, Google Chrome, Opera, and other\n products, encrypts data by using CBC mode with chained\n initialization vectors, which allows man-in-the-middle\n attackers to obtain plaintext HTTP headers via a\n blockwise chosen-boundary attack (BCBA) on an HTTPS\n session, in conjunction with JavaScript code that uses\n (1) the HTML5 WebSocket API, (2) the Java URLConnection\n API, or (3) the Silverlight WebClient API, aka a 'BEAST'\n attack. (CVE-2011-3389)\n\n - SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python\n before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and\n 3.2.x before 3.2.3 allows remote attackers to cause a\n denial of service (infinite loop and CPU consumption)\n via an XML-RPC POST request that contains a smaller\n amount of data than specified by the Content-Length\n header. (CVE-2012-0845)\n\n - The XML parser (xmlparse.c) in expat before 2.1.0\n computes hash values without restricting the ability to\n trigger hash collisions predictably, which allows\n context-dependent attackers to cause a denial of service\n (CPU consumption) via an XML file with many identifiers\n with the same value. (CVE-2012-0876)\n\n - Python before 2.6.8, 2.7.x before 2.7.3, 3.x before\n 3.1.5, and 3.2.x before 3.2.3 computes hash values\n without restricting the ability to trigger hash\n collisions predictably, which allows context-dependent\n attackers to cause a denial of service (CPU consumption)\n via crafted input to an application that maintains a\n hash table. (CVE-2012-1150)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-python\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9a660295\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:python\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^python-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.0.0.0.0\", sru:\"SRU 0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : python\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"python\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-10-01T05:11:43", "description": "Multiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in glibc's memory allocator functions (pvalloc,\nvalloc, and memalign). If an application used such a function, it\ncould cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that\nprocess multibyte character input. If an application utilized the\nglibc regular expression matching mechanism, an attacker could provide\nspecially crafted input that, when processed, would cause the\napplication to crash. (CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack\nmemory used during name resolution. An attacker able to make an\napplication resolve an attacker-controlled hostname or IP address\ncould possibly cause the application to exhaust all stack memory and\ncrash. (CVE-2013-1914)", "edition": 21, "published": "2013-12-23T00:00:00", "title": "Amazon Linux AMI : glibc (ALAS-2013-270)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0242", "CVE-2013-4332", "CVE-2013-1914"], "modified": "2020-10-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:glibc-debuginfo", "p-cpe:/a:amazon:linux:glibc-devel", "p-cpe:/a:amazon:linux:glibc-utils", "p-cpe:/a:amazon:linux:nscd", "p-cpe:/a:amazon:linux:glibc", "p-cpe:/a:amazon:linux:glibc-common", "p-cpe:/a:amazon:linux:glibc-debuginfo-common", "p-cpe:/a:amazon:linux:glibc-static", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:glibc-headers"], "id": "ALA_ALAS-2013-270.NASL", "href": "https://www.tenable.com/plugins/nessus/71582", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-270.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71582);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2013-0242\", \"CVE-2013-1914\", \"CVE-2013-4332\");\n script_xref(name:\"ALAS\", value:\"2013-270\");\n script_xref(name:\"RHSA\", value:\"2013:1605\");\n\n script_name(english:\"Amazon Linux AMI : glibc (ALAS-2013-270)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in glibc's memory allocator functions (pvalloc,\nvalloc, and memalign). If an application used such a function, it\ncould cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that\nprocess multibyte character input. If an application utilized the\nglibc regular expression matching mechanism, an attacker could provide\nspecially crafted input that, when processed, would cause the\napplication to crash. (CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack\nmemory used during name resolution. An attacker able to make an\napplication resolve an attacker-controlled hostname or IP address\ncould possibly cause the application to exhaust all stack memory and\ncrash. (CVE-2013-1914)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-270.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update glibc' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"glibc-2.12-1.132.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-common-2.12-1.132.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-debuginfo-2.12-1.132.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-debuginfo-common-2.12-1.132.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-devel-2.12-1.132.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-headers-2.12-1.132.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-static-2.12-1.132.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-utils-2.12-1.132.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nscd-2.12-1.132.45.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-25T08:55:50", "description": "From Red Hat Security Advisory 2013:1605 :\n\nUpdated glibc packages that fix three security issues, several bugs,\nand add various enhancements are now available for Red Hat Enterprise\nLinux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe glibc packages provide the standard C libraries (libc), POSIX\nthread libraries (libpthread), standard math libraries (libm), and the\nName Server Caching Daemon (nscd) used by multiple programs on the\nsystem. Without these libraries, the Linux system cannot function\ncorrectly.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in glibc's memory allocator functions (pvalloc,\nvalloc, and memalign). If an application used such a function, it\ncould cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that\nprocess multibyte character input. If an application utilized the\nglibc regular expression matching mechanism, an attacker could provide\nspecially crafted input that, when processed, would cause the\napplication to crash. (CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack\nmemory used during name resolution. An attacker able to make an\napplication resolve an attacker-controlled hostname or IP address\ncould possibly cause the application to exhaust all stack memory and\ncrash. (CVE-2013-1914)\n\nAmong other changes, this update includes an important fix for the\nfollowing bug :\n\n* Due to a defect in the initial release of the getaddrinfo() system\ncall in Red Hat enterprise Linux 6.0, AF_INET and AF_INET6 queries\nresolved from the /etc/hosts file returned queried names as canonical\nnames. This incorrect behavior is, however, still considered to be the\nexpected behavior. As a result of a recent change in getaddrinfo(),\nAF_INET6 queries started resolving the canonical names correctly.\nHowever, this behavior was unexpected by applications that relied on\nqueries resolved from the /etc/hosts file, and these applications\ncould thus fail to operate properly. This update applies a fix\nensuring that AF_INET6 queries resolved from /etc/hosts always return\nthe queried name as canonical. Note that DNS lookups are resolved\nproperly and always return the correct canonical names. A proper fix\nto AF_INET6 queries resolution from /etc/hosts may be applied in\nfuture releases; for now, due to a lack of standard, Red Hat suggests\nthe first entry in the /etc/hosts file, that applies for the IP\naddress being resolved, to be considered the canonical entry.\n(BZ#1022022)\n\nThese updated glibc packages also include additional bug fixes and\nvarious enhancements. Space precludes documenting all of these changes\nin this advisory. Users are directed to the Red Hat Enterprise Linux\n6.5 Technical Notes, linked to in the References, for information on\nthe most significant of these changes.\n\nAll glibc users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add these\nenhancements.", "edition": 21, "published": "2013-11-27T00:00:00", "title": "Oracle Linux 6 : glibc (ELSA-2013-1605)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0242", "CVE-2013-4332", "CVE-2013-1914"], "modified": "2013-11-27T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:nscd", "p-cpe:/a:oracle:linux:glibc-devel", "p-cpe:/a:oracle:linux:glibc-utils", "p-cpe:/a:oracle:linux:glibc-static", "p-cpe:/a:oracle:linux:glibc-headers", "p-cpe:/a:oracle:linux:glibc-common", "p-cpe:/a:oracle:linux:glibc"], "id": "ORACLELINUX_ELSA-2013-1605.NASL", "href": "https://www.tenable.com/plugins/nessus/71106", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:1605 and \n# Oracle Linux Security Advisory ELSA-2013-1605 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71106);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/24\");\n\n script_cve_id(\"CVE-2013-0242\", \"CVE-2013-1914\", \"CVE-2013-4332\");\n script_bugtraq_id(57638, 58839, 62324);\n script_xref(name:\"RHSA\", value:\"2013:1605\");\n\n script_name(english:\"Oracle Linux 6 : glibc (ELSA-2013-1605)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:1605 :\n\nUpdated glibc packages that fix three security issues, several bugs,\nand add various enhancements are now available for Red Hat Enterprise\nLinux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe glibc packages provide the standard C libraries (libc), POSIX\nthread libraries (libpthread), standard math libraries (libm), and the\nName Server Caching Daemon (nscd) used by multiple programs on the\nsystem. Without these libraries, the Linux system cannot function\ncorrectly.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in glibc's memory allocator functions (pvalloc,\nvalloc, and memalign). If an application used such a function, it\ncould cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that\nprocess multibyte character input. If an application utilized the\nglibc regular expression matching mechanism, an attacker could provide\nspecially crafted input that, when processed, would cause the\napplication to crash. (CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack\nmemory used during name resolution. An attacker able to make an\napplication resolve an attacker-controlled hostname or IP address\ncould possibly cause the application to exhaust all stack memory and\ncrash. (CVE-2013-1914)\n\nAmong other changes, this update includes an important fix for the\nfollowing bug :\n\n* Due to a defect in the initial release of the getaddrinfo() system\ncall in Red Hat enterprise Linux 6.0, AF_INET and AF_INET6 queries\nresolved from the /etc/hosts file returned queried names as canonical\nnames. This incorrect behavior is, however, still considered to be the\nexpected behavior. As a result of a recent change in getaddrinfo(),\nAF_INET6 queries started resolving the canonical names correctly.\nHowever, this behavior was unexpected by applications that relied on\nqueries resolved from the /etc/hosts file, and these applications\ncould thus fail to operate properly. This update applies a fix\nensuring that AF_INET6 queries resolved from /etc/hosts always return\nthe queried name as canonical. Note that DNS lookups are resolved\nproperly and always return the correct canonical names. A proper fix\nto AF_INET6 queries resolution from /etc/hosts may be applied in\nfuture releases; for now, due to a lack of standard, Red Hat suggests\nthe first entry in the /etc/hosts file, that applies for the IP\naddress being resolved, to be considered the canonical entry.\n(BZ#1022022)\n\nThese updated glibc packages also include additional bug fixes and\nvarious enhancements. Space precludes documenting all of these changes\nin this advisory. Users are directed to the Red Hat Enterprise Linux\n6.5 Technical Notes, linked to in the References, for information on\nthe most significant of these changes.\n\nAll glibc users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add these\nenhancements.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-November/003806.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected glibc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"glibc-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"glibc-common-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"glibc-devel-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"glibc-headers-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"glibc-static-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"glibc-utils-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nscd-2.12-1.132.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-devel / glibc-headers / glibc-static / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-10-01T00:38:03", "description": "Multiple vulnerabilities has been discovered and corrected in python :\n\nThe _ssl module would always disable the CBC IV attack countermeasure\n(CVE-2011-3389).\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories (CVE-2011-4944).\n\nA flaw was found in the way the Python SimpleXMLRPCServer module\nhandled clients disconnecting prematurely. A remote attacker could use\nthis flaw to cause excessive CPU consumption on a server using\nSimpleXMLRPCServer (CVE-2012-0845).\n\nHash table collisions CPU usage DoS for the embedded copy of expat\n(CVE-2012-0876).\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions (CVE-2012-1150).\n\nThe updated packages have been patched to correct these issues.", "edition": 22, "published": "2012-09-06T00:00:00", "title": "Mandriva Linux Security Advisory : python (MDVSA-2012:097)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2011-3389", "CVE-2012-0876", "CVE-2012-0845"], "modified": "2020-10-02T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "cpe:/o:mandriva:linux:2011", "p-cpe:/a:mandriva:linux:lib64python2.7", "p-cpe:/a:mandriva:linux:libpython-devel", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:libpython2.7", "p-cpe:/a:mandriva:linux:lib64python-devel"], "id": "MANDRIVA_MDVSA-2012-097.NASL", "href": "https://www.tenable.com/plugins/nessus/61956", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:097. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(61956);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/08/02 13:32:54\");\n\n script_cve_id(\n \"CVE-2011-3389\",\n \"CVE-2011-4944\",\n \"CVE-2012-0845\",\n \"CVE-2012-0876\",\n \"CVE-2012-1150\"\n );\n script_bugtraq_id(\n 49778,\n 51239,\n 51996,\n 52379,\n 52732\n );\n script_xref(name:\"MDVSA\", value:\"2012:097\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2012:097)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in python :\n\nThe _ssl module would always disable the CBC IV attack countermeasure\n(CVE-2011-3389).\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories (CVE-2011-4944).\n\nA flaw was found in the way the Python SimpleXMLRPCServer module\nhandled clients disconnecting prematurely. A remote attacker could use\nthis flaw to cause excessive CPU consumption on a server using\nSimpleXMLRPCServer (CVE-2012-0845).\n\nHash table collisions CPU usage DoS for the embedded copy of expat\n(CVE-2012-0876).\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions (CVE-2012-1150).\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libpython-devel-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libpython2.7-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"python-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"python-docs-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"tkinter-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"tkinter-apps-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-25T09:50:06", "description": "Multiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in glibc's memory allocator functions (pvalloc,\nvalloc, and memalign). If an application used such a function, it\ncould cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that\nprocess multibyte character input. If an application utilized the\nglibc regular expression matching mechanism, an attacker could provide\nspecially crafted input that, when processed, would cause the\napplication to crash. (CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack\nmemory used during name resolution. An attacker able to make an\napplication resolve an attacker-controlled hostname or IP address\ncould possibly cause the application to exhaust all stack memory and\ncrash. (CVE-2013-1914)\n\nAmong other changes, this update includes an important fix for the\nfollowing bug :\n\n - Due to a defect in the initial release of the\n getaddrinfo() system call in Scientific Linux 6.0,\n AF_INET and AF_INET6 queries resolved from the\n /etc/hosts file returned queried names as canonical\n names. This incorrect behavior is, however, still\n considered to be the expected behavior. As a result of a\n recent change in getaddrinfo(), AF_INET6 queries started\n resolving the canonical names correctly. However, this\n behavior was unexpected by applications that relied on\n queries resolved from the /etc/hosts file, and these\n applications could thus fail to operate properly. This\n update applies a fix ensuring that AF_INET6 queries\n resolved from /etc/hosts always return the queried name\n as canonical. Note that DNS lookups are resolved\n properly and always return the correct canonical names.\n A proper fix to AF_INET6 queries resolution from\n /etc/hosts may be applied in future releases; for now,\n due to a lack of standard, Red Hat suggests the first\n entry in the /etc/hosts file, that applies for the IP\n address being resolved, to be considered the canonical\n entry.", "edition": 15, "published": "2013-12-04T00:00:00", "title": "Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20131121)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0242", "CVE-2013-4332", "CVE-2013-1914"], "modified": "2013-12-04T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo-common", "p-cpe:/a:fermilab:scientific_linux:glibc", "p-cpe:/a:fermilab:scientific_linux:glibc-common", "p-cpe:/a:fermilab:scientific_linux:glibc-static", "p-cpe:/a:fermilab:scientific_linux:glibc-devel", "p-cpe:/a:fermilab:scientific_linux:nscd", "p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:glibc-utils", "p-cpe:/a:fermilab:scientific_linux:glibc-headers"], "id": "SL_20131121_GLIBC_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/71193", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71193);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/24\");\n\n script_cve_id(\"CVE-2013-0242\", \"CVE-2013-1914\", \"CVE-2013-4332\");\n\n script_name(english:\"Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20131121)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in glibc's memory allocator functions (pvalloc,\nvalloc, and memalign). If an application used such a function, it\ncould cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that\nprocess multibyte character input. If an application utilized the\nglibc regular expression matching mechanism, an attacker could provide\nspecially crafted input that, when processed, would cause the\napplication to crash. (CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack\nmemory used during name resolution. An attacker able to make an\napplication resolve an attacker-controlled hostname or IP address\ncould possibly cause the application to exhaust all stack memory and\ncrash. (CVE-2013-1914)\n\nAmong other changes, this update includes an important fix for the\nfollowing bug :\n\n - Due to a defect in the initial release of the\n getaddrinfo() system call in Scientific Linux 6.0,\n AF_INET and AF_INET6 queries resolved from the\n /etc/hosts file returned queried names as canonical\n names. This incorrect behavior is, however, still\n considered to be the expected behavior. As a result of a\n recent change in getaddrinfo(), AF_INET6 queries started\n resolving the canonical names correctly. However, this\n behavior was unexpected by applications that relied on\n queries resolved from the /etc/hosts file, and these\n applications could thus fail to operate properly. This\n update applies a fix ensuring that AF_INET6 queries\n resolved from /etc/hosts always return the queried name\n as canonical. Note that DNS lookups are resolved\n properly and always return the correct canonical names.\n A proper fix to AF_INET6 queries resolution from\n /etc/hosts may be applied in future releases; for now,\n due to a lack of standard, Red Hat suggests the first\n entry in the /etc/hosts file, that applies for the IP\n address being resolved, to be considered the canonical\n entry.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1312&L=scientific-linux-errata&T=0&P=448\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ae8b87b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"glibc-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-common-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-debuginfo-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-debuginfo-common-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-devel-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-headers-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-static-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-utils-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nscd-2.12-1.132.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-25T05:23:00", "description": "Updated glibc packages that fix three security issues, several bugs,\nand add various enhancements are now available for Red Hat Enterprise\nLinux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe glibc packages provide the standard C libraries (libc), POSIX\nthread libraries (libpthread), standard math libraries (libm), and the\nName Server Caching Daemon (nscd) used by multiple programs on the\nsystem. Without these libraries, the Linux system cannot function\ncorrectly.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in glibc's memory allocator functions (pvalloc,\nvalloc, and memalign). If an application used such a function, it\ncould cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that\nprocess multibyte character input. If an application utilized the\nglibc regular expression matching mechanism, an attacker could provide\nspecially crafted input that, when processed, would cause the\napplication to crash. (CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack\nmemory used during name resolution. An attacker able to make an\napplication resolve an attacker-controlled hostname or IP address\ncould possibly cause the application to exhaust all stack memory and\ncrash. (CVE-2013-1914)\n\nAmong other changes, this update includes an important fix for the\nfollowing bug :\n\n* Due to a defect in the initial release of the getaddrinfo() system\ncall in Red Hat enterprise Linux 6.0, AF_INET and AF_INET6 queries\nresolved from the /etc/hosts file returned queried names as canonical\nnames. This incorrect behavior is, however, still considered to be the\nexpected behavior. As a result of a recent change in getaddrinfo(),\nAF_INET6 queries started resolving the canonical names correctly.\nHowever, this behavior was unexpected by applications that relied on\nqueries resolved from the /etc/hosts file, and these applications\ncould thus fail to operate properly. This update applies a fix\nensuring that AF_INET6 queries resolved from /etc/hosts always return\nthe queried name as canonical. Note that DNS lookups are resolved\nproperly and always return the correct canonical names. A proper fix\nto AF_INET6 queries resolution from /etc/hosts may be applied in\nfuture releases; for now, due to a lack of standard, Red Hat suggests\nthe first entry in the /etc/hosts file, that applies for the IP\naddress being resolved, to be considered the canonical entry.\n(BZ#1022022)\n\nThese updated glibc packages also include additional bug fixes and\nvarious enhancements. Space precludes documenting all of these changes\nin this advisory. Users are directed to the Red Hat Enterprise Linux\n6.5 Technical Notes, linked to in the References, for information on\nthe most significant of these changes.\n\nAll glibc users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add these\nenhancements.", "edition": 24, "published": "2014-11-12T00:00:00", "title": "CentOS 6 : glibc (CESA-2013:1605)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0242", "CVE-2013-4332", "CVE-2013-1914"], "modified": "2014-11-12T00:00:00", "cpe": ["p-cpe:/a:centos:centos:glibc-common", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:nscd", "p-cpe:/a:centos:centos:glibc-utils", "p-cpe:/a:centos:centos:glibc-devel", "p-cpe:/a:centos:centos:glibc-static", "p-cpe:/a:centos:centos:glibc-headers", "p-cpe:/a:centos:centos:glibc"], "id": "CENTOS_RHSA-2013-1605.NASL", "href": "https://www.tenable.com/plugins/nessus/79166", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1605 and \n# CentOS Errata and Security Advisory 2013:1605 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79166);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/24\");\n\n script_cve_id(\"CVE-2013-0242\", \"CVE-2013-1914\", \"CVE-2013-4332\");\n script_bugtraq_id(57638, 58839, 62324);\n script_xref(name:\"RHSA\", value:\"2013:1605\");\n\n script_name(english:\"CentOS 6 : glibc (CESA-2013:1605)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated glibc packages that fix three security issues, several bugs,\nand add various enhancements are now available for Red Hat Enterprise\nLinux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe glibc packages provide the standard C libraries (libc), POSIX\nthread libraries (libpthread), standard math libraries (libm), and the\nName Server Caching Daemon (nscd) used by multiple programs on the\nsystem. Without these libraries, the Linux system cannot function\ncorrectly.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in glibc's memory allocator functions (pvalloc,\nvalloc, and memalign). If an application used such a function, it\ncould cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that\nprocess multibyte character input. If an application utilized the\nglibc regular expression matching mechanism, an attacker could provide\nspecially crafted input that, when processed, would cause the\napplication to crash. (CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack\nmemory used during name resolution. An attacker able to make an\napplication resolve an attacker-controlled hostname or IP address\ncould possibly cause the application to exhaust all stack memory and\ncrash. (CVE-2013-1914)\n\nAmong other changes, this update includes an important fix for the\nfollowing bug :\n\n* Due to a defect in the initial release of the getaddrinfo() system\ncall in Red Hat enterprise Linux 6.0, AF_INET and AF_INET6 queries\nresolved from the /etc/hosts file returned queried names as canonical\nnames. This incorrect behavior is, however, still considered to be the\nexpected behavior. As a result of a recent change in getaddrinfo(),\nAF_INET6 queries started resolving the canonical names correctly.\nHowever, this behavior was unexpected by applications that relied on\nqueries resolved from the /etc/hosts file, and these applications\ncould thus fail to operate properly. This update applies a fix\nensuring that AF_INET6 queries resolved from /etc/hosts always return\nthe queried name as canonical. Note that DNS lookups are resolved\nproperly and always return the correct canonical names. A proper fix\nto AF_INET6 queries resolution from /etc/hosts may be applied in\nfuture releases; for now, due to a lack of standard, Red Hat suggests\nthe first entry in the /etc/hosts file, that applies for the IP\naddress being resolved, to be considered the canonical entry.\n(BZ#1022022)\n\nThese updated glibc packages also include additional bug fixes and\nvarious enhancements. Space precludes documenting all of these changes\nin this advisory. Users are directed to the Red Hat Enterprise Linux\n6.5 Technical Notes, linked to in the References, for information on\nthe most significant of these changes.\n\nAll glibc users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add these\nenhancements.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2013-November/000947.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f77df32f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected glibc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0242\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"glibc-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"glibc-common-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"glibc-devel-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"glibc-headers-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"glibc-static-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"glibc-utils-2.12-1.132.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nscd-2.12-1.132.el6\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-devel / glibc-headers / glibc-static / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-25T09:14:55", "description": "Updated glibc packages that fix three security issues, several bugs,\nand add various enhancements are now available for Red Hat Enterprise\nLinux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe glibc packages provide the standard C libraries (libc), POSIX\nthread libraries (libpthread), standard math libraries (libm), and the\nName Server Caching Daemon (nscd) used by multiple programs on the\nsystem. Without these libraries, the Linux system cannot function\ncorrectly.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in glibc's memory allocator functions (pvalloc,\nvalloc, and memalign). If an application used such a function, it\ncould cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that\nprocess multibyte character input. If an application utilized the\nglibc regular expression matching mechanism, an attacker could provide\nspecially crafted input that, when processed, would cause the\napplication to crash. (CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack\nmemory used during name resolution. An attacker able to make an\napplication resolve an attacker-controlled hostname or IP address\ncould possibly cause the application to exhaust all stack memory and\ncrash. (CVE-2013-1914)\n\nAmong other changes, this update includes an important fix for the\nfollowing bug :\n\n* Due to a defect in the initial release of the getaddrinfo() system\ncall in Red Hat enterprise Linux 6.0, AF_INET and AF_INET6 queries\nresolved from the /etc/hosts file returned queried names as canonical\nnames. This incorrect behavior is, however, still considered to be the\nexpected behavior. As a result of a recent change in getaddrinfo(),\nAF_INET6 queries started resolving the canonical names correctly.\nHowever, this behavior was unexpected by applications that relied on\nqueries resolved from the /etc/hosts file, and these applications\ncould thus fail to operate properly. This update applies a fix\nensuring that AF_INET6 queries resolved from /etc/hosts always return\nthe queried name as canonical. Note that DNS lookups are resolved\nproperly and always return the correct canonical names. A proper fix\nto AF_INET6 queries resolution from /etc/hosts may be applied in\nfuture releases; for now, due to a lack of standard, Red Hat suggests\nthe first entry in the /etc/hosts file, that applies for the IP\naddress being resolved, to be considered the canonical entry.\n(BZ#1022022)\n\nThese updated glibc packages also include additional bug fixes and\nvarious enhancements. Space precludes documenting all of these changes\nin this advisory. Users are directed to the Red Hat Enterprise Linux\n6.5 Technical Notes, linked to in the References, for information on\nthe most significant of these changes.\n\nAll glibc users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add these\nenhancements.", "edition": 24, "published": "2013-11-21T00:00:00", "title": "RHEL 6 : glibc (RHSA-2013:1605)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0242", "CVE-2013-4332", "CVE-2013-1914"], "modified": "2013-11-21T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:glibc-static", "p-cpe:/a:redhat:enterprise_linux:glibc-utils", "p-cpe:/a:redhat:enterprise_linux:glibc", "p-cpe:/a:redhat:enterprise_linux:glibc-common", "p-cpe:/a:redhat:enterprise_linux:glibc-devel", "p-cpe:/a:redhat:enterprise_linux:nscd", "p-cpe:/a:redhat:enterprise_linux:glibc-headers", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo", "p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo-common"], "id": "REDHAT-RHSA-2013-1605.NASL", "href": "https://www.tenable.com/plugins/nessus/71009", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1605. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71009);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/24\");\n\n script_cve_id(\"CVE-2013-0242\", \"CVE-2013-1914\", \"CVE-2013-4332\");\n script_bugtraq_id(57638, 58839, 62324);\n script_xref(name:\"RHSA\", value:\"2013:1605\");\n\n script_name(english:\"RHEL 6 : glibc (RHSA-2013:1605)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated glibc packages that fix three security issues, several bugs,\nand add various enhancements are now available for Red Hat Enterprise\nLinux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe glibc packages provide the standard C libraries (libc), POSIX\nthread libraries (libpthread), standard math libraries (libm), and the\nName Server Caching Daemon (nscd) used by multiple programs on the\nsystem. Without these libraries, the Linux system cannot function\ncorrectly.\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in glibc's memory allocator functions (pvalloc,\nvalloc, and memalign). If an application used such a function, it\ncould cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that\nprocess multibyte character input. If an application utilized the\nglibc regular expression matching mechanism, an attacker could provide\nspecially crafted input that, when processed, would cause the\napplication to crash. (CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack\nmemory used during name resolution. An attacker able to make an\napplication resolve an attacker-controlled hostname or IP address\ncould possibly cause the application to exhaust all stack memory and\ncrash. (CVE-2013-1914)\n\nAmong other changes, this update includes an important fix for the\nfollowing bug :\n\n* Due to a defect in the initial release of the getaddrinfo() system\ncall in Red Hat enterprise Linux 6.0, AF_INET and AF_INET6 queries\nresolved from the /etc/hosts file returned queried names as canonical\nnames. This incorrect behavior is, however, still considered to be the\nexpected behavior. As a result of a recent change in getaddrinfo(),\nAF_INET6 queries started resolving the canonical names correctly.\nHowever, this behavior was unexpected by applications that relied on\nqueries resolved from the /etc/hosts file, and these applications\ncould thus fail to operate properly. This update applies a fix\nensuring that AF_INET6 queries resolved from /etc/hosts always return\nthe queried name as canonical. Note that DNS lookups are resolved\nproperly and always return the correct canonical names. A proper fix\nto AF_INET6 queries resolution from /etc/hosts may be applied in\nfuture releases; for now, due to a lack of standard, Red Hat suggests\nthe first entry in the /etc/hosts file, that applies for the IP\naddress being resolved, to be considered the canonical entry.\n(BZ#1022022)\n\nThese updated glibc packages also include additional bug fixes and\nvarious enhancements. Space precludes documenting all of these changes\nin this advisory. Users are directed to the Red Hat Enterprise Linux\n6.5 Technical Notes, linked to in the References, for information on\nthe most significant of these changes.\n\nAll glibc users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add these\nenhancements.\"\n );\n # https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6b506c4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:1605\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1914\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-4332\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:1605\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"glibc-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"glibc-common-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"glibc-common-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"glibc-common-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"glibc-debuginfo-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"glibc-debuginfo-common-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"glibc-devel-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"glibc-headers-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"glibc-headers-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"glibc-headers-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"glibc-static-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"glibc-utils-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"glibc-utils-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"glibc-utils-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"nscd-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"nscd-2.12-1.132.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"nscd-2.12-1.132.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-14T13:57:01", "description": "Rebase of Python 3 ('python3') from 3.2 to 3.2.3 bringing in security\nfixes, along with other bugfixes.\n\nSee http://python.org/download/releases/3.2.3/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "published": "2012-05-04T00:00:00", "title": "Fedora 15 : python3-3.2.3-1.fc15 (2012-5916) (BEAST)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1150", "CVE-2011-3389", "CVE-2012-0845"], "modified": "2012-05-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python3", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-5916.NASL", "href": "https://www.tenable.com/plugins/nessus/58979", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5916.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58979);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/12\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_bugtraq_id(49778, 51239, 51996);\n script_xref(name:\"FEDORA\", value:\"2012-5916\");\n\n script_name(english:\"Fedora 15 : python3-3.2.3-1.fc15 (2012-5916) (BEAST)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Rebase of Python 3 ('python3') from 3.2 to 3.2.3 bringing in security\nfixes, along with other bugfixes.\n\nSee http://python.org/download/releases/3.2.3/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://python.org/download/releases/3.2.3/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.python.org/download/releases/3.2.3/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=750555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=789790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=812068\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/079698.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9a2c301b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/14\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"python3-3.2.3-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2016-09-26T17:23:01", "bulletinFamily": "software", "cvelist": ["CVE-2014-0139", "CVE-2014-0015", "CVE-2014-0138"], "edition": 1, "description": "Recommended Action\n\n**BIG-IP, BIG-IQ, and Enterprise Manager**\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, you should avoid using the local **cURL** utility on the vulnerable system, if feasible. Additionally, you should only permit access to the system over a secure network and limit login access to trusted users. For more information about securing access to the system, refer to SOL13092: Overview of securing access to the BIG-IP system. \n\n\n**ARX**\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, you should only permit access to the ARX system over a secure network and limit login access to trusted users.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2014-11-25T00:00:00", "published": "2014-11-25T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/800/sol15862.html", "id": "SOL15862", "title": "SOL15862 - Multiple cURL and libcurl vulnerabilities CVE-2014-0015, CVE-2014-0138, and CVE-2014-0139", "type": "f5", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-04-06T22:39:57", "bulletinFamily": "software", "cvelist": ["CVE-2011-1521", "CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2011-4940"], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2018-09-12T00:17:00", "published": "2018-09-12T00:17:00", "id": "F5:K75910138", "href": "https://support.f5.com/csp/article/K75910138", "title": "Python vulnerabilities CVE-2011-1521, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, and CVE-2012-1150", "type": "f5", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2017-10-12T02:11:08", "bulletinFamily": "software", "cvelist": ["CVE-2013-4238", "CVE-2009-2408"], "edition": 1, "description": " \n\n\nThe ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. ([CVE-2013-4238](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238>)) \n\n\nImpact \n\n\nNone. No F5 products are affected by this vulnerability. \n\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents.](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "modified": "2016-01-09T02:20:00", "published": "2014-09-29T23:41:00", "href": "https://support.f5.com/csp/article/K15638", "id": "F5:K15638", "title": "Python vulnerability CVE-2013-4238", "type": "f5", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-06T22:39:33", "bulletinFamily": "software", "cvelist": ["CVE-2013-1752"], "description": "\nF5 Product Development has assigned IDs 537982 and 673537 (BIG-IP) and ID 672772 (Enterprise Manager) to this vulnerability. Additionally, [F5 iHealth](<https://www.f5.com/services/support/support-offerings/big-ip-ihealth-diagnostic-tool>) may list Heuristic H53192206 on the **Diagnostics** > **Identified** > **Medium** page.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 12.0.0 \n11.4.1 - 11.6.1 \n11.2.1 | 13.0.0 \n12.1.0 - 12.1.2 | Medium | Python and Jython \nBIG-IP AAM | 12.0.0 \n11.4.1 - 11.6.1 | 13.0.0 \n12.1.0 - 12.1.2 | Medium | Python and Jython \nBIG-IP AFM | 12.0.0 \n11.4.1 - 11.6.1 | 13.0.0 \n12.1.0 - 12.1.2 | Medium | Python and Jython \nBIG-IP Analytics | 12.0.0 \n11.4.1 - 11.6.1 \n11.2.1 | 13.0.0 \n12.1.0 - 12.1.2 | Medium | Python and Jython \nBIG-IP APM | 12.0.0 \n11.4.1 - 11.6.1 \n11.2.1 | 13.0.0 \n12.1.0 - 12.1.2 | Medium | Python and Jython \nBIG-IP ASM | 12.0.0 \n11.4.1 - 11.6.1 \n11.2.1 | 13.0.0 \n12.1.0 - 12.1.2 | Medium | Python and Jython \nBIG-IP DNS | 12.0.0 | 13.0.0 \n12.1.0 - 12.1.2 | Medium | Python and Jython \nBIG-IP Edge Gateway | 11.2.1 | None | Medium | Python and Jython \nBIG-IP GTM | 11.4.1 - 11.6.1 \n11.2.1 | None | Medium | Python and Jython \nBIG-IP Link Controller | 12.0.0 \n11.4.1 - 11.6.1 \n11.2.1 | 13.0.0 \n12.1.0 - 12.1.2 | Medium | Python and Jython \nBIG-IP PEM | 12.0.0 \n11.4.1 - 11.6.1 | 13.0.0 \n12.1.0 - 12.1.2 | Medium | Python and Jython \nBIG-IP PSM | 11.4.1 | None | Medium | Python and Jython \nBIG-IP WebAccelerator | 11.2.1 | None | Medium | Python and Jython \nBIG-IP WebSafe | 12.0.0 \n11.6.0 - 11.6.1 | 13.0.0 \n12.1.0 - 12.1.2 | Medium | Python and Jython \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | 3.1.1 | None | Low | Python and Jython \nBIG-IQ Cloud | None | 4.4.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.4.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.4.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nBIG-IQ Centralized Management | None | 5.0.0 - 5.2.0 \n4.6.0 | Not vulnerable | None \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | Not vulnerable | None \nF5 iWorkflow | None | 2.0.0 - 2.2.0 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.2 | Not vulnerable1 | None \nTraffix SDC | None | 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0 | Not vulnerable | None \n \n1The specified products contain the affected code. However, F5 identifies the vulnerability status as Not vulnerable because the attacker cannot exploit the code in default, standard, or recommended configurations.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, ensure Python and Jython scripts communicate only with trusted servers.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "edition": 1, "modified": "2019-07-19T20:14:00", "published": "2017-07-21T22:13:00", "id": "F5:K53192206", "href": "https://support.f5.com/csp/article/K53192206", "title": "Python and Jython vulnerability CVE-2013-1752", "type": "f5", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2016-11-09T00:09:51", "bulletinFamily": "software", "cvelist": ["CVE-2013-4238", "CVE-2009-2408"], "edition": 1, "description": "Recommended Action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2014-10-17T00:00:00", "published": "2014-09-29T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/600/sol15638.html", "id": "SOL15638", "title": "SOL15638 - Python vulnerability CVE-2013-4238", "type": "f5", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-08-15T01:08:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "edition": 1, "description": "\nF5 Product Development has assigned ID 388737 (BIG-IP) to these vulnerabilities, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H16949 on the **Diagnostics** > **Identified** > **Medium** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP AAM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP AFM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP Analytics | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP APM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP ASM | 11.0.0 - 11.2.1 \n10.1.0 - 10.2.4 | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP Edge Gateway | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 | Medium | xmlparse.c \nBIG-IP GTM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP Link Controller | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP PEM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP PSM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 - 11.6.0 | Medium | xmlparse.c \nBIG-IP WebAccelerator | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 | Medium | xmlparse.c \nBIG-IP WOM | 11.0.0 - 11.2.1* \n10.1.0 - 10.2.4* | 11.3.0 | Medium | xmlparse.c \nARX | None | 6.0.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0 | Not vulnerable | None \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | Not vulnerable | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.0 | Not vulnerable | None \nF5 WebSafe | None | 1.0.0 | Not vulnerable | None \nTraffix SDC | None | 4.0.0 - 4.4.0 | Not vulnerable | None \n \n* **Important**: Certain product versions contain the affected code; however, those product versions do not parse untrusted XML input, and are, therefore, not exploitable.\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nBIG-IP ASM\n\nWhen the BIG-IP ASM system is provisioned, the custom attack signature portion of the Web UI is vulnerable; this situation requires an administrative-level user to interface with the vulnerable component.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "modified": "2017-08-14T23:30:00", "published": "2015-07-11T03:06:00", "href": "https://support.f5.com/csp/article/K16949", "id": "F5:K16949", "type": "f5", "title": "Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:06", "bulletinFamily": "software", "cvelist": ["CVE-2012-1148", "CVE-2012-0876"], "edition": 1, "description": "**Important**: *Certain product versions contain the affected code; however, those product versions do not parse untrusted XML input, and are, therefore, not exploitable.\n\nVulnerability Recommended Actions\n\nIf the previous table lists a version in the** Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\n**BIG-IP ASM**\n\nWhen the BIG-IP ASM system is provisioned, the custom attack signature portion of the Web UI is vulnerable; this situation requires an administrative-level user to interface with the vulnerable component.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2016-06-28T00:00:00", "published": "2015-07-10T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/900/sol16949.html", "id": "SOL16949", "title": "SOL16949 - Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "vmware": [{"lastseen": "2019-11-06T16:05:33", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3797", "CVE-2014-0191", "CVE-2013-4238", "CVE-2013-2877", "CVE-2014-0015", "CVE-2013-1752", "CVE-2014-8371", "CVE-2014-0138"], "description": "**a. VMware vCSA cross-site scripting vulnerability** \nVMware vCenter Server Appliance (vCSA) contains a vulnerability that may allow for Cross Site Scripting. Exploitation of this vulnerability in vCenter Server requires tricking a user to click on a malicious link or to open a malicious web page. \nVMware would like to thank Tanya Secker of Trustwave SpiderLabs for reporting this issue to us. \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-3797 to this issue. \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. \n\n", "edition": 4, "modified": "2015-01-27T00:00:00", "published": "2014-12-04T00:00:00", "id": "VMSA-2014-0012", "href": "https://www.vmware.com/security/advisories/VMSA-2014-0012.html", "title": "VMware vSphere product updates address security vulnerabilities", "type": "vmware", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "cve": [{"lastseen": "2020-10-03T12:46:04", "description": "Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.", "edition": 3, "cvss3": {}, "published": "2013-10-09T22:55:00", "title": "CVE-2013-4332", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4332"], "modified": "2017-07-01T01:29:00", "cpe": ["cpe:/a:gnu:glibc:2.12.1", "cpe:/a:gnu:glibc:2.1.3", "cpe:/a:gnu:glibc:2.17", "cpe:/a:gnu:glibc:2.12.2", "cpe:/a:gnu:glibc:2.1.1", "cpe:/o:redhat:enterprise_linux:5", "cpe:/a:gnu:glibc:2.11.3", "cpe:/a:gnu:glibc:2.0.3", "cpe:/a:gnu:glibc:2.15", "cpe:/a:gnu:glibc:2.16", "cpe:/a:gnu:glibc:2.1.2", "cpe:/a:gnu:glibc:2.1.1.6", "cpe:/a:gnu:glibc:2.11", "cpe:/a:gnu:glibc:2.14", "cpe:/a:gnu:glibc:2.0", "cpe:/a:gnu:glibc:2.11.1", "cpe:/a:gnu:glibc:2.13", "cpe:/a:gnu:glibc:2.18", "cpe:/a:gnu:glibc:2.0.2", "cpe:/a:gnu:glibc:2.10.1", "cpe:/a:gnu:glibc:2.0.4", "cpe:/a:gnu:glibc:2.1", "cpe:/a:gnu:glibc:2.0.6", "cpe:/a:gnu:glibc:2.0.5", "cpe:/a:gnu:glibc:2.11.2", "cpe:/a:gnu:glibc:2.0.1", "cpe:/a:gnu:glibc:2.1.9", "cpe:/a:gnu:glibc:2.14.1"], "id": "CVE-2013-4332", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4332", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:46:04", "description": "The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.", "edition": 5, "cvss3": {}, "published": "2013-08-18T02:52:00", "title": "CVE-2013-4238", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4238"], "modified": "2019-10-25T11:53:00", "cpe": ["cpe:/a:python:python:2.6.3", "cpe:/a:python:python:2.6.8", "cpe:/a:python:python:3.0.1", "cpe:/a:python:python:2.7.1150", "cpe:/a:python:python:3.1.1", "cpe:/a:python:python:3.2", "cpe:/a:python:python:2.7.2150", "cpe:/a:python:python:3.1.2", "cpe:/a:python:python:2.6.5", "cpe:/a:python:python:2.7.3", "cpe:/a:python:python:2.6.2", "cpe:/a:python:python:3.1", "cpe:/a:python:python:2.6.6", "cpe:/a:python:python:2.6.7", "cpe:/a:python:python:2.7.2", "cpe:/a:python:python:3.0", "cpe:/o:opensuse:opensuse:11.4", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/a:python:python:2.6.2150", "cpe:/a:python:python:3.2.3", "cpe:/a:python:python:3.3", "cpe:/o:opensuse:opensuse:12.2", "cpe:/a:python:python:2.7.1", "cpe:/a:python:python:3.1.3", "cpe:/a:python:python:3.4", "cpe:/a:python:python:3.1.5", "cpe:/a:python:python:2.6.4", "cpe:/a:python:python:2.6.1", "cpe:/a:python:python:3.1.2150", "cpe:/a:python:python:3.1.4", "cpe:/a:python:python:3.2.2150", "cpe:/o:opensuse:opensuse:12.3", "cpe:/a:python:python:2.6.6150"], "id": "CVE-2013-4238", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4238", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*", "cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*", "cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.4:alpha1:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:01:11", "description": "The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.", "edition": 3, "cvss3": {}, "published": "2015-01-21T14:59:00", "title": "CVE-2014-0191", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0191"], "modified": "2017-08-29T01:34:00", "cpe": ["cpe:/a:oracle:fusion_middleware:11.1.1.7.0", "cpe:/a:oracle:fusion_middleware:12.1.2.0.0", "cpe:/a:oracle:fusion_middleware:12.1.3.0.0"], "id": "CVE-2014-0191", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0191", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:oracle:fusion_middleware:12.1.2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:fusion_middleware:11.1.1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:fusion_middleware:12.1.3.0.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:46:01", "description": "parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.", "edition": 3, "cvss3": {}, "published": "2013-07-10T10:55:00", "title": "CVE-2013-2877", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2877"], "modified": "2018-10-09T19:34:00", "cpe": ["cpe:/a:google:chrome:28.0.1500.12", "cpe:/a:xmlsoft:libxml2:2.7.4", "cpe:/a:google:chrome:28.0.1500.43", "cpe:/a:xmlsoft:libxml2:2.1.1", "cpe:/a:xmlsoft:libxml2:2.4.13", "cpe:/a:google:chrome:28.0.1500.68", "cpe:/a:xmlsoft:libxml2:2.6.27", "cpe:/a:google:chrome:28.0.1500.63", "cpe:/a:xmlsoft:libxml2:2.5.10", "cpe:/a:xmlsoft:libxml2:2.3.7", "cpe:/a:google:chrome:28.0.1500.50", "cpe:/a:google:chrome:28.0.1500.58", "cpe:/a:xmlsoft:libxml2:2.4.15", "cpe:/a:xmlsoft:libxml2:2.0.0", "cpe:/a:xmlsoft:libxml2:2.4.28", "cpe:/a:xmlsoft:libxml2:2.6.17", "cpe:/a:xmlsoft:libxml2:1.8.4", "cpe:/a:google:chrome:28.0.1500.42", "cpe:/a:xmlsoft:libxml2:2.4.18", "cpe:/a:xmlsoft:libxml2:2.4.1", "cpe:/a:xmlsoft:libxml2:1.8.5", "cpe:/a:xmlsoft:libxml2:2.7.0", "cpe:/a:xmlsoft:libxml2:2.3.5", "cpe:/a:google:chrome:28.0.1500.52", "cpe:/a:google:chrome:28.0.1500.11", "cpe:/a:xmlsoft:libxml2:2.6.7", "cpe:/a:xmlsoft:libxml2:2.6.2", "cpe:/a:xmlsoft:libxml2:2.3.4", "cpe:/a:xmlsoft:libxml2:1.8.1", "cpe:/a:xmlsoft:libxml2:2.4.5", "cpe:/a:google:chrome:28.0.1500.21", "cpe:/a:google:chrome:28.0.1500.64", "cpe:/a:google:chrome:28.0.1500.36", "cpe:/a:google:chrome:28.0.1500.61", "cpe:/a:xmlsoft:libxml2:2.2.6", "cpe:/a:xmlsoft:libxml2:1.8.0", "cpe:/a:google:chrome:28.0.1500.47", "cpe:/a:xmlsoft:libxml2:2.6.24", "cpe:/a:google:chrome:28.0.1500.4", "cpe:/a:google:chrome:28.0.1500.5", "cpe:/a:google:chrome:28.0.1500.28", "cpe:/a:xmlsoft:libxml2:2.5.4", "cpe:/a:google:chrome:28.0.1500.70", "cpe:/a:google:chrome:28.0.1500.40", "cpe:/a:xmlsoft:libxml2:2.5.7", "cpe:/a:xmlsoft:libxml2:2.3.1", "cpe:/a:google:chrome:28.0.1500.37", "cpe:/a:xmlsoft:libxml2:2.4.10", "cpe:/a:xmlsoft:libxml2:2.4.12", "cpe:/a:xmlsoft:libxml2:2.6.20", "cpe:/a:google:chrome:28.0.1500.18", "cpe:/a:xmlsoft:libxml2:2.6.11", "cpe:/a:google:chrome:28.0.1500.8", "cpe:/a:google:chrome:28.0.1500.10", "cpe:/a:xmlsoft:libxml2:2.3.12", "cpe:/a:google:chrome:28.0.1500.38", "cpe:/a:xmlsoft:libxml2:2.7.5", "cpe:/a:google:chrome:28.0.1500.66", "cpe:/a:xmlsoft:libxml2:2.6.32", "cpe:/a:xmlsoft:libxml2:2.4.24", "cpe:/a:xmlsoft:libxml2:1.7.0", "cpe:/a:xmlsoft:libxml2:2.5.11", "cpe:/a:google:chrome:28.0.1500.35", "cpe:/a:google:chrome:28.0.1500.51", "cpe:/a:xmlsoft:libxml2:2.2.0", "cpe:/a:google:chrome:28.0.1500.48", "cpe:/a:google:chrome:28.0.1500.26", "cpe:/a:google:chrome:28.0.1500.19", "cpe:/a:xmlsoft:libxml2:2.2.4", "cpe:/a:google:chrome:28.0.1500.23", "cpe:/a:xmlsoft:libxml2:2.4.26", "cpe:/a:xmlsoft:libxml2:2.6.14", "cpe:/a:xmlsoft:libxml2:2.7.7", "cpe:/a:google:chrome:28.0.1500.34", "cpe:/a:xmlsoft:libxml2:2.8.0", "cpe:/a:xmlsoft:libxml2:2.2.5", "cpe:/a:google:chrome:28.0.1500.27", "cpe:/a:xmlsoft:libxml2:2.3.0", "cpe:/a:xmlsoft:libxml2:2.6.3", "cpe:/a:xmlsoft:libxml2:2.6.25", "cpe:/a:google:chrome:28.0.1500.46", "cpe:/a:xmlsoft:libxml2:2.4.16", "cpe:/a:google:chrome:28.0.1500.29", "cpe:/a:xmlsoft:libxml2:2.3.10", "cpe:/a:google:chrome:28.0.1500.15", "cpe:/a:xmlsoft:libxml2:1.7.4", "cpe:/a:xmlsoft:libxml2:2.6.18", "cpe:/a:xmlsoft:libxml2:1.8.16", "cpe:/a:xmlsoft:libxml2:2.3.6", "cpe:/a:xmlsoft:libxml2:2.4.30", "cpe:/a:xmlsoft:libxml2:2.6.30", "cpe:/a:xmlsoft:libxml2:2.6.13", "cpe:/a:xmlsoft:libxml2:2.6.28", "cpe:/a:xmlsoft:libxml2:2.4.8", "cpe:/a:xmlsoft:libxml2:2.4.29", "cpe:/a:google:chrome:28.0.1500.22", "cpe:/a:xmlsoft:libxml2:2.2.8", "cpe:/a:xmlsoft:libxml2:1.7.2", "cpe:/a:xmlsoft:libxml2:2.4.11", "cpe:/a:xmlsoft:libxml2:2.6.23", "cpe:/a:google:chrome:28.0.1500.2", "cpe:/a:google:chrome:28.0.1500.59", "cpe:/a:xmlsoft:libxml2:1.8.9", "cpe:/a:xmlsoft:libxml2:2.3.8", "cpe:/a:xmlsoft:libxml2:2.6.1", "cpe:/a:xmlsoft:libxml2:1.8.2", "cpe:/a:xmlsoft:libxml2:2.6.22", "cpe:/a:xmlsoft:libxml2:2.6.12", "cpe:/a:xmlsoft:libxml2:2.6.26", "cpe:/a:google:chrome:28.0.1500.45", "cpe:/a:xmlsoft:libxml2:2.4.3", "cpe:/a:xmlsoft:libxml2:2.2.2", "cpe:/a:xmlsoft:libxml2:2.4.27", "cpe:/a:google:chrome:28.0.1500.62", "cpe:/a:xmlsoft:libxml2:2.6.8", "cpe:/a:google:chrome:28.0.1500.24", "cpe:/a:xmlsoft:libxml2:2.4.2", "cpe:/a:google:chrome:28.0.1500.39", "cpe:/a:xmlsoft:libxml2:2.7.3", "cpe:/a:xmlsoft:libxml2:2.3.14", "cpe:/a:google:chrome:28.0.1500.54", "cpe:/a:xmlsoft:libxml2:2.3.11", "cpe:/a:xmlsoft:libxml2:2.7.8", "cpe:/a:xmlsoft:libxml2:2.4.6", "cpe:/a:xmlsoft:libxml2:2.4.22", "cpe:/a:xmlsoft:libxml2:2.6.9", "cpe:/a:google:chrome:28.0.1500.41", "cpe:/a:xmlsoft:libxml2:1.8.7", "cpe:/a:xmlsoft:libxml2:2.4.9", "cpe:/a:xmlsoft:libxml2:2.4.23", "cpe:/a:xmlsoft:libxml2:2.6.31", "cpe:/a:google:chrome:28.0.1500.14", "cpe:/a:xmlsoft:libxml2:2.5.0", "cpe:/a:xmlsoft:libxml2:2.4.25", "cpe:/a:xmlsoft:libxml2:2.2.7", "cpe:/a:xmlsoft:libxml2:2.5.8", "cpe:/a:google:chrome:28.0.1500.44", "cpe:/a:xmlsoft:libxml2:1.8.13", "cpe:/a:google:chrome:28.0.1500.6", "cpe:/a:google:chrome:28.0.1500.33", "cpe:/a:google:chrome:28.0.1500.56", "cpe:/a:xmlsoft:libxml2:1.7.1", "cpe:/a:xmlsoft:libxml2:2.7.2", "cpe:/a:xmlsoft:libxml2:2.3.3", "cpe:/a:xmlsoft:libxml2:2.4.19", "cpe:/a:google:chrome:28.0.1500.20", "cpe:/a:xmlsoft:libxml2:2.6.29", "cpe:/a:google:chrome:28.0.1500.32", "cpe:/a:xmlsoft:libxml2:2.4.4", "cpe:/a:xmlsoft:libxml2:1.7.3", "cpe:/a:xmlsoft:libxml2:2.4.14", "cpe:/a:xmlsoft:libxml2:2.3.9", "cpe:/a:xmlsoft:libxml2:2.6.6", "cpe:/a:xmlsoft:libxml2:2.6.16", "cpe:/a:xmlsoft:libxml2:2.6.5", "cpe:/a:xmlsoft:libxml2:2.4.7", "cpe:/a:google:chrome:28.0.1500.17", "cpe:/a:xmlsoft:libxml2:2.2.10", "cpe:/a:google:chrome:28.0.1500.25", "cpe:/a:xmlsoft:libxml2:2.6.21", "cpe:/a:xmlsoft:libxml2:1.8.14", "cpe:/a:xmlsoft:libxml2:2.7.6", "cpe:/a:google:chrome:28.0.1500.9", "cpe:/a:google:chrome:28.0.1500.0", "cpe:/a:xmlsoft:libxml2:2.6.4", "cpe:/a:xmlsoft:libxml2:2.4.17", "cpe:/a:xmlsoft:libxml2:2.2.3", "cpe:/a:google:chrome:28.0.1500.31", "cpe:/a:xmlsoft:libxml2:2.2.11", "cpe:/a:xmlsoft:libxml2:2.1.0", "cpe:/a:xmlsoft:libxml2:2.3.2", "cpe:/a:google:chrome:28.0.1500.16", "cpe:/a:xmlsoft:libxml2:1.8.6", "cpe:/a:xmlsoft:libxml2:2.4.21", "cpe:/a:xmlsoft:libxml2:2.9.0", "cpe:/a:xmlsoft:libxml2:1.8.3", "cpe:/a:xmlsoft:libxml2:2.4.20", "cpe:/a:xmlsoft:libxml2:2.3.13", "cpe:/a:google:chrome:28.0.1500.49", "cpe:/a:xmlsoft:libxml2:2.2.9", "cpe:/a:google:chrome:28.0.1500.3", "cpe:/a:xmlsoft:libxml2:2.7.1", "cpe:/a:google:chrome:28.0.1500.60", "cpe:/a:xmlsoft:libxml2:2.2.1", "cpe:/a:google:chrome:28.0.1500.53", "cpe:/a:xmlsoft:libxml2:1.8.10", "cpe:/a:xmlsoft:libxml2:2.6.0", "cpe:/a:google:chrome:28.0.1500.13"], "id": "CVE-2013-2877", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2877", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:28.0.1500.27:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.24:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.8.9:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.62:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.30:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.53:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.18:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.35:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.10:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.31:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.14:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.19:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.46:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.64:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.51:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.45:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.25:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.18:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.17:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.15:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.36:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.33:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.56:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.44:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.66:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.21:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.41:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.48:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.21:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.0:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.20:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.22:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.68:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.29:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.23:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.25:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.5:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.8.10:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.30:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.29:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.19:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.14:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.8.16:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.6:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.63:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.52:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.21:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.24:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.37:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.17:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.39:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.15:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.20:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.47:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.32:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.25:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.28:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.50:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.49:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.18:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.42:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.34:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.9:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.29:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.8.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.70:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.20:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.43:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.28:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.38:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.54:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.23:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.26:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.27:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.31:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.28:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.61:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.2:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.26:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.8.14:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.7.8:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.22:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.14:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.8:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.58:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.24:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.17:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.40:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.23:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.59:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.60:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:28.0.1500.22:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:01:11", "description": "The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connect as other users via a request, a similar issue to CVE-2014-0015.", "edition": 3, "cvss3": {}, "published": "2014-04-15T14:55:00", "title": "CVE-2014-0138", "type": "cve", "cwe": ["CWE-287"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0138"], "modified": "2018-10-09T19:36:00", "cpe": ["cpe:/a:haxx:libcurl:7.31.0", "cpe:/a:haxx:curl:7.29.0", "cpe:/a:haxx:libcurl:7.16.0", "cpe:/a:haxx:curl:7.21.1", "cpe:/a:haxx:libcurl:7.13.1", "cpe:/a:haxx:curl:7.13.0", "cpe:/a:haxx:curl:7.16.3", "cpe:/a:haxx:curl:7.30.0", "cpe:/a:haxx:curl:7.26.0", "cpe:/a:haxx:libcurl:7.29.0", "cpe:/a:haxx:libcurl:7.16.1", "cpe:/a:haxx:curl:7.19.3", "cpe:/a:haxx:curl:7.18.1", "cpe:/a:haxx:curl:7.15.2", "cpe:/a:haxx:curl:7.19.2", "cpe:/a:haxx:curl:7.24.0", "cpe:/a:haxx:libcurl:7.11.1", "cpe:/a:haxx:curl:7.16.4", "cpe:/a:haxx:libcurl:7.18.1", "cpe:/a:haxx:curl:7.21.5", "cpe:/a:haxx:libcurl:7.19.1", "cpe:/a:haxx:libcurl:7.19.2", "cpe:/a:haxx:libcurl:7.22.0", "cpe:/a:haxx:curl:7.13.1", "cpe:/a:haxx:curl:7.35.0", "cpe:/a:haxx:curl:7.10.6", "cpe:/a:haxx:curl:7.21.2", "cpe:/a:haxx:libcurl:7.35.0", "cpe:/a:haxx:libcurl:7.26.0", "cpe:/a:haxx:curl:7.21.4", "cpe:/a:haxx:libcurl:7.25.0", "cpe:/a:haxx:libcurl:7.21.4", "cpe:/a:haxx:curl:7.21.0", "cpe:/a:haxx:libcurl:7.13.2", "cpe:/a:haxx:libcurl:7.34.0", "cpe:/a:haxx:curl:7.15.0", "cpe:/a:haxx:libcurl:7.19.7", "cpe:/a:haxx:curl:7.21.7", "cpe:/a:haxx:curl:7.20.0", "cpe:/a:haxx:curl:7.25.0", "cpe:/a:haxx:libcurl:7.12.1", "cpe:/a:haxx:curl:7.19.0", "cpe:/a:haxx:curl:7.12.2", "cpe:/a:haxx:curl:7.16.0", "cpe:/a:haxx:curl:7.10.7", "cpe:/a:haxx:libcurl:7.15.5", "cpe:/a:haxx:libcurl:7.33.0", "cpe:/a:haxx:curl:7.34.0", "cpe:/a:haxx:curl:7.18.2", "cpe:/a:haxx:curl:7.18.0", "cpe:/a:haxx:curl:7.19.7", "cpe:/a:haxx:libcurl:7.20.0", "cpe:/a:haxx:libcurl:7.32.0", "cpe:/a:haxx:libcurl:7.12.2", "cpe:/a:haxx:curl:7.16.1", "cpe:/a:haxx:libcurl:7.16.2", "cpe:/a:haxx:curl:7.27.0", "cpe:/a:haxx:libcurl:7.15.4", "cpe:/a:haxx:curl:7.21.6", "cpe:/a:haxx:libcurl:7.19.6", "cpe:/a:haxx:curl:7.23.1", "cpe:/a:haxx:libcurl:7.28.0", "cpe:/a:haxx:libcurl:7.15.2", "cpe:/a:haxx:libcurl:7.19.0", "cpe:/a:haxx:libcurl:7.19.4", "cpe:/a:haxx:libcurl:7.15.0", "cpe:/a:haxx:libcurl:7.21.0", "cpe:/a:haxx:curl:7.31.0", "cpe:/a:haxx:curl:7.15.4", "cpe:/a:haxx:curl:7.11.0", "cpe:/a:haxx:libcurl:7.11.0", "cpe:/a:haxx:libcurl:7.12.0", "cpe:/a:haxx:libcurl:7.24.0", "cpe:/a:haxx:libcurl:7.16.3", "cpe:/a:haxx:curl:7.19.6", "cpe:/a:haxx:libcurl:7.14.1", "cpe:/a:haxx:libcurl:7.21.6", "cpe:/a:haxx:libcurl:7.12.3", "cpe:/a:haxx:libcurl:7.23.0", "cpe:/a:haxx:curl:7.15.1", "cpe:/a:haxx:libcurl:7.17.0", "cpe:/a:haxx:curl:7.17.1", "cpe:/a:haxx:curl:7.15.3", "cpe:/a:haxx:libcurl:7.27.0", "cpe:/a:haxx:curl:7.32.0", "cpe:/a:haxx:libcurl:7.28.1", "cpe:/a:haxx:libcurl:7.11.2", "cpe:/a:haxx:libcurl:7.16.4", "cpe:/a:haxx:curl:7.23.0", "cpe:/a:haxx:curl:7.15.5", "cpe:/a:haxx:curl:7.14.1", "cpe:/a:haxx:curl:7.14.0", "cpe:/a:haxx:libcurl:7.17.1", "cpe:/a:haxx:curl:7.11.2", "cpe:/a:haxx:curl:7.11.1", "cpe:/a:haxx:libcurl:7.21.2", "cpe:/a:haxx:curl:7.12.1", "cpe:/o:debian:debian_linux:7.0", "cpe:/a:haxx:libcurl:7.14.0", "cpe:/a:haxx:curl:7.20.1", "cpe:/a:haxx:curl:7.33.0", "cpe:/a:haxx:libcurl:7.21.3", "cpe:/a:haxx:curl:7.19.4", "cpe:/a:haxx:curl:7.21.3", "cpe:/a:haxx:curl:7.13.2", "cpe:/a:haxx:libcurl:7.23.1", "cpe:/a:haxx:curl:7.12.3", "cpe:/a:haxx:libcurl:7.20.1", "cpe:/a:haxx:libcurl:7.15.1", "cpe:/a:haxx:curl:7.17.0", "cpe:/a:haxx:curl:7.19.1", "cpe:/a:haxx:libcurl:7.13.0", "cpe:/a:haxx:libcurl:7.21.1", "cpe:/a:haxx:curl:7.28.1", "cpe:/a:haxx:libcurl:7.30.0", "cpe:/a:haxx:libcurl:7.21.7", "cpe:/a:haxx:curl:7.10.8", "cpe:/a:haxx:curl:7.19.5", "cpe:/a:haxx:libcurl:7.19.3", "cpe:/a:haxx:curl:7.22.0", "cpe:/a:haxx:libcurl:7.21.5", "cpe:/a:haxx:libcurl:7.10.7", "cpe:/a:haxx:libcurl:7.15.3", "cpe:/a:haxx:libcurl:7.10.6", "cpe:/a:haxx:libcurl:7.18.0", "cpe:/a:haxx:curl:7.28.0", "cpe:/a:haxx:libcurl:7.19.5", "cpe:/a:haxx:libcurl:7.10.8", "cpe:/a:haxx:curl:7.16.2", "cpe:/a:haxx:curl:7.12.0", "cpe:/a:haxx:libcurl:7.18.2"], "id": "CVE-2014-0138", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0138", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:haxx:curl:7.19.7:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.18.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.19.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.19.5:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.28.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.19.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.19.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.18.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.19.6:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.20.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.16.4:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.16.3:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.21.4:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.15.3:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.20.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.13.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.16.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.15.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.12.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.21.7:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.14.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.15.4:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.23.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.28.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.16.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.30.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.21.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.29.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.17.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.26.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.21.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.12.3:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.16.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.25.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.23.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.21.6:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.15.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.21.3:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.17.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.19.4:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.18.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.21.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.22.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.24.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.13.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.27.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.19.3:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.21.5:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.15.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.15.5:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:45:53", "description": "Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters.", "edition": 3, "cvss3": {}, "published": "2013-02-08T20:55:00", "title": "CVE-2013-0242", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0242"], "modified": "2017-08-29T01:33:00", "cpe": ["cpe:/a:gnu:glibc:2.17"], "id": "CVE-2013-0242", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0242", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:06:01", "description": "The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.", "edition": 3, "cvss3": {}, "published": "2012-07-03T19:55:00", "title": "CVE-2012-0876", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0876"], "modified": "2018-01-05T02:29:00", "cpe": ["cpe:/a:libexpat:expat:1.95.7", "cpe:/a:libexpat:expat:2.0.1", "cpe:/a:libexpat:expat:1.95.1", "cpe:/a:libexpat:expat:1.95.5", "cpe:/a:libexpat:expat:2.0.0", "cpe:/a:libexpat:expat:1.95.4", "cpe:/a:libexpat:expat:1.95.6", "cpe:/a:libexpat:expat:1.95.2", "cpe:/a:libexpat:expat:1.95.8"], "id": "CVE-2012-0876", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0876", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:libexpat:expat:1.95.7:*:*:*:*:*:*:*", "cpe:2.3:a:libexpat:expat:1.95.5:*:*:*:*:*:*:*", "cpe:2.3:a:libexpat:expat:1.95.2:*:*:*:*:*:*:*", "cpe:2.3:a:libexpat:expat:1.95.1:*:*:*:*:*:*:*", "cpe:2.3:a:libexpat:expat:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:libexpat:expat:1.95.8:*:*:*:*:*:*:*", "cpe:2.3:a:libexpat:expat:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:libexpat:expat:1.95.4:*:*:*:*:*:*:*", "cpe:2.3:a:libexpat:expat:1.95.6:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:06:01", "description": "Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "edition": 5, "cvss3": {}, "published": "2012-10-05T21:55:00", "title": "CVE-2012-1150", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1150"], "modified": "2019-10-25T11:53:00", "cpe": ["cpe:/a:python:python:2.2.2", "cpe:/a:python:python:2.6.3", "cpe:/a:python:python:0.9.1", "cpe:/a:python:python:3.0.1", "cpe:/a:python:python:2.5.1", "cpe:/a:python:python:2.0.1", "cpe:/a:python:python:2.5.6", "cpe:/a:python:python:2.7.1150", "cpe:/a:python:python:3.1.1", "cpe:/a:python:python:2.2.1", "cpe:/a:python:python:2.4.1", "cpe:/a:python:python:2.1.2", "cpe:/a:python:python:2.3.2", "cpe:/a:python:python:2.5.2", "cpe:/a:python:python:2.1.3", "cpe:/a:python:python:2.1", "cpe:/a:python:python:3.2", "cpe:/a:python:python:2.7.2150", "cpe:/a:python:python:2.3.4", "cpe:/a:python:python:0.9.0", "cpe:/a:python:python:2.0", "cpe:/a:python:python:1.6.1", "cpe:/a:python:python:3.1.2", "cpe:/a:python:python:1.3", "cpe:/a:python:python:2.2.3", "cpe:/a:python:python:1.2", "cpe:/a:python:python:2.4.2", "cpe:/a:python:python:2.6.5", "cpe:/a:python:python:1.5.2", "cpe:/a:python:python:2.4.4", "cpe:/a:python:python:2.6.2", "cpe:/a:python:python:2.4.6", "cpe:/a:python:python:3.1", "cpe:/a:python:python:2.3.7", "cpe:/a:python:python:2.6.6", "cpe:/a:python:python:2.6.7", "cpe:/a:python:python:2.5.3", "cpe:/a:python:python:2.7.2", "cpe:/a:python:python:3.0", "cpe:/a:python:python:2.6.2150", "cpe:/a:python:python:2.5.150", "cpe:/a:python:python:2.7.1", "cpe:/a:python:python:2.1.1", "cpe:/a:python:python:3.1.3", "cpe:/a:python:python:2.6.4", "cpe:/a:python:python:2.6.1", "cpe:/a:python:python:2.2", "cpe:/a:python:python:2.3.3", "cpe:/a:python:python:1.6", "cpe:/a:python:python:3.1.4", "cpe:/a:python:python:2.5.4", "cpe:/a:python:python:3.2.2150", "cpe:/a:python:python:2.3.1", "cpe:/a:python:python:2.6.6150", "cpe:/a:python:python:2.3.5", "cpe:/a:python:python:2.4.3"], "id": "CVE-2012-1150", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1150", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:1.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:1.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:1.6:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "cpe:2.3:a:python:python:0.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:45:58", "description": "** REJECT ** Various versions of Python do not properly restrict readline calls, which allows remote attackers to cause a denial of service (memory consumption) via a long string, related to (1) httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; (2) ftplib - fixed in 2.7.6, 2.6.9, 3.3.3; (3) imaplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; (4) nntplib - fixed in 2.7.6, 2.6.9, 3.3.3; (5) poplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; and (6) smtplib - not yet fixed in 2.7.x, fixed in 2.6.9, not yet fixed in 3.3.x. NOTE: this was REJECTed because it is incompatible with CNT1 \"Independently Fixable\" in the CVE Counting Decisions.", "edition": 2, "cvss3": {}, "published": "2019-06-03T20:15:00", "title": "CVE-2013-1752", "type": "cve", "cwe": [], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2013-1752"], "modified": "2019-06-03T20:15:00", "cpe": [], "id": "CVE-2013-1752", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1752", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2020-10-03T11:39:31", "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a \"BEAST\" attack.", "edition": 5, "cvss3": {}, "published": "2011-09-06T19:55:00", "title": "CVE-2011-3389", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2018-10-12T22:01:00", "cpe": ["cpe:/a:opera:opera_browser:*", "cpe:/a:mozilla:firefox:*", "cpe:/a:microsoft:ie:*", "cpe:/a:google:chrome:*", "cpe:/o:microsoft:windows:*"], "id": "CVE-2011-3389", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:ie:*:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:37:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3797", "CVE-2014-0191", "CVE-2013-4238", "CVE-2013-2877", "CVE-2014-0015", "CVE-2013-1752", "CVE-2014-8371", "CVE-2014-0138"], "description": "VMware vCenter product updates address a Cross Site Scripting issue, a certificate validation\n issue and security vulnerabilities in third-party libraries.", "modified": "2018-11-19T00:00:00", "published": "2014-12-05T00:00:00", "id": "OPENVAS:1361412562310105135", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105135", "type": "openvas", "title": "VMSA-2014-0012: VMware vCenter product updates address security vulnerabilities", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_vcenter_VMSA-2014-0012.nasl 12419 2018-11-19 13:45:13Z cfischer $\n#\n# VMSA-2014-0012: VMware vCenter product updates address security vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105135\");\n script_cve_id(\"CVE-2014-3797\", \"CVE-2014-8371\", \"CVE-2013-2877\", \"CVE-2014-0191\", \"CVE-2014-0015\",\n \"CVE-2014-0138\", \"CVE-2013-1752\", \"CVE-2013-4238\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_version(\"$Revision: 12419 $\");\n script_name(\"VMSA-2014-0012: VMware vCenter product updates address security vulnerabilities\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-19 14:45:13 +0100 (Mon, 19 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-12-05 11:33:51 +0100 (Fri, 05 Dec 2014)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_vcenter_detect.nasl\");\n script_mandatory_keys(\"VMware_vCenter/version\", \"VMware_vCenter/build\");\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2014-0012.html\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable build is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"a. VMware vCSA cross-site scripting vulnerability\n VMware vCenter Server Appliance (vCSA) contains a vulnerability that may\n allow for Cross Site Scripting. Exploitation of this vulnerability in\n vCenter Server requires tricking a user to click on a malicious link or\n to open a malicious web page while they are logged in into vCenter.\n\n b. vCenter Server certificate validation issue\n vCenter Server does not properly validate the presented certificate\n when establishing a connection to a CIM Server residing on an ESXi\n host. This may allow for a Man-in-the-middle attack against the CIM\n service.\n\n c. Update to ESXi libxml2 package\n libxml2 is updated to address multiple security issues.\n\n d. Update to ESXi Curl package\n Curl is updated to address multiple security issues.\n\n e. Update to ESXi Python package\n Python is updated to address multiple security issues.\n\n f. vCenter and Update Manager, Oracle JRE 1.6 Update 81\n\n Oracle has documented the CVE identifiers that are addressed in JRE\n 1.6.0 update 81 in the Oracle Java SE Critical Patch Update Advisory of July 2014.\");\n\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n\n script_tag(name:\"summary\", value:\"VMware vCenter product updates address a Cross Site Scripting issue, a certificate validation\n issue and security vulnerabilities in third-party libraries.\");\n\n script_tag(name:\"affected\", value:\"VMware vCenter Server Appliance 5.1 Prior to Update 3\n\n VMware vCenter Server 5.5 prior to Update 2\n\n VMware vCenter Server 5.1 prior to Update 3\n\n VMware vCenter Server 5.0 prior to Update 3c\n\n VMware ESXi 5.1 without patch ESXi510-201412101-SG\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\n\nif ( ! vcenter_version = get_kb_item(\"VMware_vCenter/version\") ) exit( 0 );\nif ( ! vcenter_build = get_kb_item(\"VMware_vCenter/build\") ) exit( 0 );\n\nfixed_builds = make_array( \"5.1.0\", \"2308385\" );\n\nif ( ! fixed_builds[ vcenter_version] ) exit( 0 );\n\nif ( int( vcenter_build ) < int( fixed_builds[ vcenter_version ] ) ) {\n security_message( port:0, data:esxi_remote_report( ver:vcenter_version, build:vcenter_build, fixed_build:fixed_builds[vcenter_version], typ:'vCenter' ) );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:37:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3797", "CVE-2014-0191", "CVE-2013-4238", "CVE-2013-2877", "CVE-2014-0015", "CVE-2013-1752", "CVE-2014-8371", "CVE-2014-0138"], "description": "VMware vSphere product updates address a Cross Site Scripting issue, a certificate validation\n issue and security vulnerabilities in third-party libraries.", "modified": "2018-11-19T00:00:00", "published": "2014-12-05T00:00:00", "id": "OPENVAS:1361412562310105134", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105134", "type": "openvas", "title": "VMSA-2014-0012: VMware vSphere product updates address security vulnerabilities (remote check)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_VMSA-2014-0012_remote.nasl 12419 2018-11-19 13:45:13Z cfischer $\n#\n# VMSA-2014-0012: VMware vSphere product updates address security vulnerabilities (remote check)\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105134\");\n script_cve_id(\"CVE-2014-3797\", \"CVE-2014-8371\", \"CVE-2013-2877\", \"CVE-2014-0191\", \"CVE-2014-0015\",\n \"CVE-2014-0138\", \"CVE-2013-1752\", \"CVE-2013-4238\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_version(\"$Revision: 12419 $\");\n script_name(\"VMSA-2014-0012: VMware vSphere product updates address security vulnerabilities (remote check)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-19 14:45:13 +0100 (Mon, 19 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-12-05 11:32:51 +0100 (Fri, 05 Dec 2014)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esx_web_detect.nasl\");\n script_mandatory_keys(\"VMware/ESX/build\", \"VMware/ESX/version\");\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2014-0012.html\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable build is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"a. VMware vCSA cross-site scripting vulnerability\n VMware vCenter Server Appliance (vCSA) contains a vulnerability that may\n allow for Cross Site Scripting. Exploitation of this vulnerability in\n vCenter Server requires tricking a user to click on a malicious link or\n to open a malicious web page while they are logged in into vCenter.\n\n b. vCenter Server certificate validation issue\n vCenter Server does not properly validate the presented certificate\n when establishing a connection to a CIM Server residing on an ESXi\n host. This may allow for a Man-in-the-middle attack against the CIM service.\n\n c. Update to ESXi libxml2 package\n libxml2 is updated to address multiple security issues.\n\n d. Update to ESXi Curl package\n Curl is updated to address multiple security issues.\n\n e. Update to ESXi Python package\n Python is updated to address multiple security issues.\n\n f. vCenter and Update Manager, Oracle JRE 1.6 Update 81\n\n Oracle has documented the CVE identifiers that are addressed in JRE\n 1.6.0 update 81 in the Oracle Java SE Critical Patch Update Advisory\n of July 2014.\");\n\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n\n script_tag(name:\"summary\", value:\"VMware vSphere product updates address a Cross Site Scripting issue, a certificate validation\n issue and security vulnerabilities in third-party libraries.\");\n\n script_tag(name:\"affected\", value:\"VMware vCenter Server Appliance 5.1 Prior to Update 3\n\n VMware vCenter Server 5.5 prior to Update 2\n\n VMware vCenter Server 5.1 prior to Update 3\n\n VMware vCenter Server 5.0 prior to Update 3c\n\n VMware ESXi 5.1 without patch ESXi510-201412101-SG\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\n\nif( ! esxVersion = get_kb_item( \"VMware/ESX/version\" ) ) exit( 0 );\nif( ! esxBuild = get_kb_item( \"VMware/ESX/build\" ) ) exit( 0 );\n\nfixed_builds = make_array( \"5.1.0\", \"2323231\" );\n\nif( ! fixed_builds[esxVersion] ) exit( 0 );\n\nif( int( esxBuild ) < int( fixed_builds[esxVersion] ) ) {\n security_message( port:0, data:esxi_remote_report( ver:esxVersion, build:esxBuild, fixed_build:fixed_builds[esxVersion] ) );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-12-19T16:07:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3797", "CVE-2014-0191", "CVE-2013-4238", "CVE-2013-2877", "CVE-2014-0015", "CVE-2013-1752", "CVE-2014-8371", "CVE-2014-0138"], "description": "VMware vSphere product updates address a Cross Site Scripting issue, a certificate validation\n issue and security vulnerabilities in third-party libraries.", "modified": "2019-12-18T00:00:00", "published": "2014-12-05T00:00:00", "id": "OPENVAS:1361412562310105133", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105133", "type": "openvas", "title": "VMware ESXi product updates address security vulnerabilities (VMSA-2014-0012)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# VMSA-2014-0012: VMware vSphere product updates address security vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105133\");\n script_cve_id(\"CVE-2014-3797\", \"CVE-2014-8371\", \"CVE-2013-2877\", \"CVE-2014-0191\", \"CVE-2014-0015\",\n \"CVE-2014-0138\", \"CVE-2013-1752\", \"CVE-2013-4238\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_version(\"2019-12-18T11:13:08+0000\");\n script_name(\"VMware ESXi product updates address security vulnerabilities (VMSA-2014-0012)\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 11:13:08 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2014-12-05 11:31:51 +0100 (Fri, 05 Dec 2014)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\", \"VMware/ESX/version\");\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2014-0012.html\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if the target host is missing one or more patch(es).\");\n\n script_tag(name:\"insight\", value:\"a. VMware vCSA cross-site scripting vulnerability\n VMware vCenter Server Appliance (vCSA) contains a vulnerability that may\n allow for Cross Site Scripting. Exploitation of this vulnerability in\n vCenter Server requires tricking a user to click on a malicious link or\n to open a malicious web page while they are logged in into vCenter.\n\n b. vCenter Server certificate validation issue\n vCenter Server does not properly validate the presented certificate\n when establishing a connection to a CIM Server residing on an ESXi\n host. This may allow for a Man-in-the-middle attack against the CIM\n service.\n\n c. Update to ESXi libxml2 package\n libxml2 is updated to address multiple security issues.\n\n d. Update to ESXi Curl package\n Curl is updated to address multiple security issues.\n\n e. Update to ESXi Python package\n Python is updated to address multiple security issues.\n\n f. vCenter and Update Manager, Oracle JRE 1.6 Update 81\n\n Oracle has documented the CVE identifiers that are addressed in JRE\n 1.6.0 update 81 in the Oracle Java SE Critical Patch Update Advisory of July 2014.\");\n\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n\n script_tag(name:\"summary\", value:\"VMware vSphere product updates address a Cross Site Scripting issue, a certificate validation\n issue and security vulnerabilities in third-party libraries.\");\n\n script_tag(name:\"affected\", value:\"VMware ESXi 5.1 without patch ESXi510-201412101-SG.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item(\"VMware/ESXi/LSC\"))\n exit(0);\n\nif(!esxVersion = get_kb_item(\"VMware/ESX/version\"))\n exit(0);\n\npatches = make_array(\"5.1.0\", \"VIB:esx-base:5.1.0-3.50.2323231\");\n\nif(!patches[esxVersion])\n exit(99);\n\nif(report = esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:39:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2011-3389", "CVE-2012-0876", "CVE-2012-0845"], "description": "The remote host is missing an update for the ", "modified": "2019-03-12T00:00:00", "published": "2012-06-22T00:00:00", "id": "OPENVAS:1361412562310831685", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831685", "type": "openvas", "title": "Mandriva Update for python MDVSA-2012:097 (python)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for python MDVSA-2012:097 (python)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:097\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831685\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:32:48 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2011-3389\", \"CVE-2011-4944\", \"CVE-2012-0845\",\n \"CVE-2012-0876\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:097\");\n script_name(\"Mandriva Update for python MDVSA-2012:097 (python)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_2011\\.0\");\n script_tag(name:\"affected\", value:\"python on Mandriva Linux 2011.0\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been discovered and corrected in python:\n\n The _ssl module would always disable the CBC IV attack countermeasure\n (CVE-2011-3389).\n\n A race condition was found in the way the Python distutils module\n set file permissions during the creation of the .pypirc file. If a\n local user had access to the home directory of another user who is\n running distutils, they could use this flaw to gain access to that\n user's .pypirc file, which can contain usernames and passwords for\n code repositories (CVE-2011-4944).\n\n A flaw was found in the way the Python SimpleXMLRPCServer module\n handled clients disconnecting prematurely. A remote attacker could\n use this flaw to cause excessive CPU consumption on a server using\n SimpleXMLRPCServer (CVE-2012-0845).\n\n Hash table collisions CPU usage DoS for the embedded copy of expat\n (CVE-2012-0876).\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large\n number of inputs to a Python application (such as HTTP POST request\n parameters sent to a web application) that are used as keys when\n inserting data into an array could trigger multiple hash function\n collisions, making array operations take an excessive amount of\n CPU time. To mitigate this issue, randomization has been added to\n the hash function to reduce the chance of an attacker successfully\n causing intentional collisions (CVE-2012-1150).\n\n The updated packages have been patched to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.7\", rpm:\"libpython2.7~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython-devel\", rpm:\"libpython-devel~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.7\", rpm:\"lib64python2.7~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python-devel\", rpm:\"lib64python-devel~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0242", "CVE-2013-4332", "CVE-2013-1914"], "description": "Oracle Linux Local Security Checks ELSA-2013-1605", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123527", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123527", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-1605", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-1605.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123527\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:05:05 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-1605\");\n script_tag(name:\"insight\", value:\"ELSA-2013-1605 - glibc security, bug fix, and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-1605\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-1605.html\");\n script_cve_id(\"CVE-2013-0242\", \"CVE-2013-1914\", \"CVE-2013-4332\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T23:01:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0242", "CVE-2013-4332", "CVE-2013-1914"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120295", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120295", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2013-270)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120295\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:23:02 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2013-270)\");\n script_tag(name:\"insight\", value:\"Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in glibc's memory allocator functions (pvalloc, valloc, and memalign). If an application used such a function, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2013-4332 )A flaw was found in the regular expression matching routines that process multibyte character input. If an application utilized the glibc regular expression matching mechanism, an attacker could provide specially-crafted input that, when processed, would cause the application to crash. (CVE-2013-0242 )It was found that getaddrinfo() did not limit the amount of stack memory used during name resolution. An attacker able to make an application resolve an attacker-controlled hostname or IP address could possibly cause the application to exhaust all stack memory and crash. (CVE-2013-1914 )\");\n script_tag(name:\"solution\", value:\"Run yum update glibc to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-270.html\");\n script_cve_id(\"CVE-2013-0242\", \"CVE-2013-1914\", \"CVE-2013-4332\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.132.45.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.132.45.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.12~1.132.45.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.132.45.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.132.45.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.132.45.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.132.45.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.132.45.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.132.45.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0242", "CVE-2013-4332", "CVE-2013-1914"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2013-11-21T00:00:00", "id": "OPENVAS:1361412562310871075", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871075", "type": "openvas", "title": "RedHat Update for glibc RHSA-2013:1605-02", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2013:1605-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871075\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-11-21 10:43:57 +0530 (Thu, 21 Nov 2013)\");\n script_cve_id(\"CVE-2013-0242\", \"CVE-2013-1914\", \"CVE-2013-4332\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Update for glibc RHSA-2013:1605-02\");\n\n\n script_tag(name:\"affected\", value:\"glibc on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"insight\", value:\"The glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name Server\nCaching Daemon (nscd) used by multiple programs on the system. Without\nthese libraries, the Linux system cannot function correctly.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in glibc's memory allocator functions (pvalloc, valloc, and\nmemalign). If an application used such a function, it could cause the\napplication to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the application. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that process\nmultibyte character input. If an application utilized the glibc regular\nexpression matching mechanism, an attacker could provide specially-crafted\ninput that, when processed, would cause the application to crash.\n(CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack memory\nused during name resolution. An attacker able to make an application\nresolve an attacker-controlled hostname or IP address could possibly cause\nthe application to exhaust all stack memory and crash. (CVE-2013-1914)\n\nAmong other changes, this update includes an important fix for the\nfollowing bug:\n\n * Due to a defect in the initial release of the getaddrinfo() system call\nin Red Hat enterprise Linux 6.0, AF_INET and AF_INET6 queries resolved from\nthe /etc/hosts file returned queried names as canonical names. This\nincorrect behavior is, however, still considered to be the expected\nbehavior. As a result of a recent change in getaddrinfo(), AF_INET6 queries\nstarted resolving the canonical names correctly. However, this behavior was\nunexpected by applications that relied on queries resolved from the\n/etc/hosts file, and these applications could thus fail to operate\nproperly. This update applies a fix ensuring that AF_INET6 queries resolved\nfrom /etc/hosts always return the queried name as canonical. Note that DNS\nlookups are resolved properly and always return the correct canonical\nnames. A proper fix to AF_INET6 queries resolution from /etc/hosts may be\napplied in future releases for now, due to a lack of standard, Red Hat\nsuggests the first entry in the /etc/hosts file, that applies for the IP\naddress being resolved, to be considered the canonical entry. (BZ#1022022)\n\nThese updated glibc packages also include additional bug fixes and\nvarious enhancements. Space precludes documenting all of these ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2013:1605-02\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-November/msg00026.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-02-06T13:10:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0242", "CVE-2013-4332", "CVE-2013-1914"], "description": "Check for the Version of glibc", "modified": "2018-02-05T00:00:00", "published": "2013-11-21T00:00:00", "id": "OPENVAS:871075", "href": "http://plugins.openvas.org/nasl.php?oid=871075", "type": "openvas", "title": "RedHat Update for glibc RHSA-2013:1605-02", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2013:1605-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(871075);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-11-21 10:43:57 +0530 (Thu, 21 Nov 2013)\");\n script_cve_id(\"CVE-2013-0242\", \"CVE-2013-1914\", \"CVE-2013-4332\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Update for glibc RHSA-2013:1605-02\");\n\n tag_insight = \"The glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name Server\nCaching Daemon (nscd) used by multiple programs on the system. Without\nthese libraries, the Linux system cannot function correctly.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in glibc's memory allocator functions (pvalloc, valloc, and\nmemalign). If an application used such a function, it could cause the\napplication to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the application. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that process\nmultibyte character input. If an application utilized the glibc regular\nexpression matching mechanism, an attacker could provide specially-crafted\ninput that, when processed, would cause the application to crash.\n(CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack memory\nused during name resolution. An attacker able to make an application\nresolve an attacker-controlled hostname or IP address could possibly cause\nthe application to exhaust all stack memory and crash. (CVE-2013-1914)\n\nAmong other changes, this update includes an important fix for the\nfollowing bug:\n\n* Due to a defect in the initial release of the getaddrinfo() system call\nin Red Hat enterprise Linux 6.0, AF_INET and AF_INET6 queries resolved from\nthe /etc/hosts file returned queried names as canonical names. This\nincorrect behavior is, however, still considered to be the expected\nbehavior. As a result of a recent change in getaddrinfo(), AF_INET6 queries\nstarted resolving the canonical names correctly. However, this behavior was\nunexpected by applications that relied on queries resolved from the\n/etc/hosts file, and these applications could thus fail to operate\nproperly. This update applies a fix ensuring that AF_INET6 queries resolved\nfrom /etc/hosts always return the queried name as canonical. Note that DNS\nlookups are resolved properly and always return the correct canonical\nnames. A proper fix to AF_INET6 queries resolution from /etc/hosts may be\napplied in future releases for now, due to a lack of standard, Red Hat\nsuggests the first entry in the /etc/hosts file, that applies for the IP\naddress being resolved, to be considered the canonical entry. (BZ#1022022)\n\nThese updated glibc packages also include additional bug fixes and\nvarious enhancements. Space precludes documenting all of thes ...\n\n Description truncated, for more information please check the Reference URL\";\n\n tag_affected = \"glibc on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"RHSA\", value: \"2013:1605-02\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2013-November/msg00026.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.132.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:58:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2011-3389", "CVE-2012-0876", "CVE-2012-0845"], "description": "Check for the Version of python", "modified": "2017-12-28T00:00:00", "published": "2012-06-22T00:00:00", "id": "OPENVAS:831685", "href": "http://plugins.openvas.org/nasl.php?oid=831685", "type": "openvas", "title": "Mandriva Update for python MDVSA-2012:097 (python)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for python MDVSA-2012:097 (python)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been discovered and corrected in python:\n\n The _ssl module would always disable the CBC IV attack countermeasure\n (CVE-2011-3389).\n\n A race condition was found in the way the Python distutils module\n set file permissions during the creation of the .pypirc file. If a\n local user had access to the home directory of another user who is\n running distutils, they could use this flaw to gain access to that\n user's .pypirc file, which can contain usernames and passwords for\n code repositories (CVE-2011-4944).\n\n A flaw was found in the way the Python SimpleXMLRPCServer module\n handled clients disconnecting prematurely. A remote attacker could\n use this flaw to cause excessive CPU consumption on a server using\n SimpleXMLRPCServer (CVE-2012-0845).\n\n Hash table collisions CPU usage DoS for the embedded copy of expat\n (CVE-2012-0876).\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large\n number of inputs to a Python application (such as HTTP POST request\n parameters sent to a web application) that are used as keys when\n inserting data into an array could trigger multiple hash function\n collisions, making array operations take an excessive amount of\n CPU time. To mitigate this issue, randomization has been added to\n the hash function to reduce the chance of an attacker successfully\n causing intentional collisions (CVE-2012-1150).\n\n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"python on Mandriva Linux 2011.0\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:097\");\n script_id(831685);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:32:48 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2011-3389\", \"CVE-2011-4944\", \"CVE-2012-0845\",\n \"CVE-2012-0876\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2012:097\");\n script_name(\"Mandriva Update for python MDVSA-2012:097 (python)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.7\", rpm:\"libpython2.7~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython-devel\", rpm:\"libpython-devel~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.7\", rpm:\"lib64python2.7~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python-devel\", rpm:\"lib64python-devel~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1150", "CVE-2011-3389", "CVE-2012-0845"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-08-30T00:00:00", "id": "OPENVAS:1361412562310864384", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864384", "type": "openvas", "title": "Fedora Update for python FEDORA-2012-5892", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python FEDORA-2012-5892\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079570.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864384\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:06:37 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-1150\", \"CVE-2012-0845\", \"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-5892\");\n script_name(\"Fedora Update for python FEDORA-2012-5892\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"python on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.7.3~3.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:56", "bulletinFamily": "software", "cvelist": ["CVE-2014-3797", "CVE-2014-0191", "CVE-2013-4238", "CVE-2013-2877", "CVE-2014-0015", "CVE-2013-1752", "CVE-2014-8371", "CVE-2014-0138"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\n VMware Security Advisory\r\n\r\nAdvisory ID: VMSA-2014-0012\r\nSynopsis: VMware vSphere product updates address security \r\n vulnerabilities\r\nIssue date: 2014-12-04\r\nUpdated on: 2014-12-04 (Initial Advisory)\r\nCVE number: CVE-2014-3797, CVE-2014-8371, CVE-2013-2877, CVE-2014-0191, \r\n CVE-2014-0015, CVE-2014-0138, CVE-2013-1752 and \r\n CVE-2013-4238\r\n- ------------------------------------------------------------------------\r\n\r\n1. Summary\r\n\r\n VMware vSphere product updates address a Cross Site Scripting issue, \r\n a certificate validation issue and security vulnerabilities in \r\n third-party libraries.\r\n \r\n2. Relevant releases\r\n\r\n VMware vCenter Server Appliance 5.1 Prior to Update 3 \r\n\r\n VMware vCenter Server 5.5 prior to Update 2\r\n VMware vCenter Server 5.1 prior to Update 3\r\n VMware vCenter Server 5.0 prior to Update 3c\r\n\r\n VMware ESXi 5.1 without patch ESXi510-201412101-SG\r\n\r\n3. Problem Description \r\n\r\n a. VMware vCSA cross-site scripting vulnerability\r\n\r\n VMware vCenter Server Appliance (vCSA) contains a vulnerability\r\n that may allow for Cross Site Scripting. Exploitation of this \r\n vulnerability in vCenter Server requires tricking a user to click\r\n on a malicious link or to open a malicious web page while they are\r\n logged in into vCenter. \r\n\r\n VMware would like to thank Tanya Secker of Trustwave SpiderLabs for \r\n reporting this issue to us. \r\n\r\n The Common Vulnerabilities and Exposures project (cve.mitre.org) \r\n has assigned the name CVE-2014-3797 to this issue. \r\n\r\n Column 4 of the following table lists the action required to\r\n remediate the vulnerability in each release, if a solution is \r\n available.\r\n\r\n VMware Product\tRunning Replace with/\r\n Product Version\ton Apply Patch\r\n ============= =======\t======= =================\r\n vCSA 5.5 any Not Affected\r\n vCSA 5.1 any 5.1 Update 3\r\n vCSA 5.0 any Not Affected\r\n\r\n b. vCenter Server certificate validation issue\r\n\r\n vCenter Server does not properly validate the presented certificate \r\n when establishing a connection to a CIM Server residing on an ESXi \r\n host. This may allow for a Man-in-the-middle attack against the CIM \r\n service.\r\n\r\n VMware would like to thank The Google Security Team for reporting \r\n this issue to us.\r\n\r\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\r\n has assigned the identifier CVE-2014-8371 to this issue. \r\n\r\n Column 4 of the following table lists the action required to\r\n remediate the vulnerability in each release, if a solution is \r\n available.\r\n\r\n VMware Product Running Replace with/\r\n Product Version on Apply Patch\r\n ============= =======\t======= ==============\r\n vCenter Server 5.5 any 5.5 Update 2\r\n vCenter Server 5.1 any 5.1 Update 3\r\n vCenter Server 5.0 any 5.0 Update 3c\r\n\r\n c. Update to ESXi libxml2 package\r\n\r\n libxml2 is updated to address multiple security issues. \r\n\r\n The Common Vulnerabilities and Exposures project \r\n (cve.mitre.org) has assigned the names CVE-2013-2877 and\r\n CVE-2014-0191 to these issues. \r\n\r\n Column 4 of the following table lists the action required to\r\n remediate the vulnerability in each release, if a solution is \r\n available.\r\n\r\n VMware Product Running Replace with/\r\n Product Version on Apply Patch\r\n ============= ======= ======= =================\r\n ESXi 5.5 any Patch Pending\r\n ESXi 5.1 any ESXi510-201412101-SG\r\n ESXi 5.0 any No patch planned\r\n\r\n d. Update to ESXi Curl package\r\n\r\n Curl is updated to address multiple security issues. \r\n\r\n The Common Vulnerabilities and Exposures project \r\n (cve.mitre.org) has assigned the names CVE-2014-0015 and \r\n CVE-2014-0138 to these issues. \r\n\r\n Column 4 of the following table lists the action required to\r\n remediate the vulnerability in each release, if a solution is \r\n available.\r\n\r\n VMware Product\tRunning Replace with/\r\n Product Version\ton Apply Patch\r\n ========= =======\t======= =================\r\n ESXi 5.5 any Patch Pending\r\n ESXi 5.1 any ESXi510-201412101-SG\r\n ESXi 5.0 any No patch planned\r\n\r\n e. Update to ESXi Python package\r\n\r\n Python is updated to address multiple security issues. \r\n\r\n The Common Vulnerabilities and Exposures project \r\n (cve.mitre.org) has assigned the names CVE-2013-1752 and \r\n CVE-2013-4238 to these issues. \r\n\r\n Column 4 of the following table lists the action required to\r\n remediate the vulnerability in each release, if a solution is \r\n available.\r\n\r\n VMware Product Running Replace with/\r\n Product Version on Apply Patch\r\n ============= ======= ======= =================\r\n ESXi 5.5 any Patch Pending\r\n ESXi 5.1 any ESXi510-201412101-SG\r\n ESXi 5.0 any Patch Pending\r\n\r\n f. vCenter and Update Manager, Oracle JRE 1.6 Update 81\r\n\r\n Oracle has documented the CVE identifiers that are addressed in \r\n JRE 1.6.0 update 81 in the Oracle Java SE Critical Patch Update\r\n Advisory of July 2014. The References section provides a link to\r\n this advisory. \r\n\r\n VMware Product Running Replace with/\r\n Product Version on Apply Patch\r\n ============= ======= ======= =================\r\n vCenter Server 5.5 any not applicable *\r\n vCenter Server 5.1 any 5.1 Update 3\r\n vCenter Server 5.0 any patch pending\r\n vCenter Update Manager 5.5 any not applicable *\r\n vCenter Update Manager 5.1 any 5.1 Update 3\r\n vCenter Update Manager 5.0 any patch pending\r\n\r\n * this product uses the Oracle JRE 1.7.0 family\r\n\r\n4. Solution\r\n\r\n Please review the patch/release notes for your product and version \r\n and verify the checksum of your downloaded file. \r\n \r\n vCSA 5.1 Update 3, vCenter Server 5.1 Update 3 and Update Manager 5.1\r\n Update 3\r\n ----------------------------\r\n Downloads and Documentation: \r\n https://www.vmware.com/go/download-vsphere\r\n\r\n ESXi 5.1\r\n ----------------------------\r\n File: update-from-esxi5.1-5.1_update03.zip.zip\r\n md5sum: b3fd3549b59c6c59c04bfd09b08c6edf\r\n sha1sum: 02139101fe205894774caac02820f6ea8416fb8b\r\n http://kb.vmware.com/kb/2086288\r\n update-from-esxi5.1-5.1_update03 contains ESXi510-201412101-SG\r\n \r\n5. References\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3797\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8371\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1752\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238\r\n\r\n JRE \r\n Oracle Java SE Critical Patch Update Advisory of July 2014\r\n\r\n http://www.oracle.com/technetwork/topics/security/cpujul2014-\r\n1972956.html\r\n\r\n- ------------------------------------------------------------------------\r\n\r\n6. Change log\r\n\r\n 2014-12-04 VMSA-2014-0012\r\n Initial security advisory in conjunction with the release of VMware\r\n vCSA 5.1 Update 3, vCenter Server 5.1 Update 3 and ESXi 5.1 Patches \r\n released on 2014-12-04.\r\n\r\n- ------------------------------------------------------------------------\r\n\r\n7. Contact\r\n\r\n E-mail list for product security notifications and announcements:\r\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\r\n\r\n This Security Advisory is posted to the following lists:\r\n\r\n security-announce at lists.vmware.com\r\n bugtraq at securityfocus.com\r\n fulldisclosure at seclists.org\r\n\r\n E-mail: security at vmware.com\r\n PGP key at: http://kb.vmware.com/kb/1055\r\n\r\n VMware Security Advisories\r\n http://www.vmware.com/security/advisories\r\n\r\n Consolidated list of VMware Security Advisories\r\n http://kb.vmware.com/kb/2078735\r\n\r\n VMware Security Response Policy\r\n https://www.vmware.com/support/policies/security_response.html\r\n\r\n VMware Lifecycle Support Phases\r\n https://www.vmware.com/support/policies/lifecycle.html\r\n \r\n Twitter\r\n https://twitter.com/VMwareSRC\r\n\r\n Copyright 2014 VMware Inc. All rights reserved.\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: Encryption Desktop 10.3.0 (Build 8741)\r\nCharset: utf-8\r\n\r\nwj8DBQFUgLnkDEcm8Vbi9kMRArHeAKDSKrUyaCHxpcXMS8KRHlaB80B90wCdGoV1\r\nea+5vLRA631Cn0q1Mt63s4s=\r\n=OYK3\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2014-12-11T00:00:00", "published": "2014-12-11T00:00:00", "id": "SECURITYVULNS:DOC:31491", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31491", "title": "NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:45", "bulletinFamily": "software", "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2011-3389", "CVE-2012-0876", "CVE-2012-0845", "CVE-2011-4940"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2012:096-1\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : python\r\n Date : July 2, 2012\r\n Affected: Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been discovered and corrected in python:\r\n \r\n The _ssl module would always disable the CBC IV attack countermeasure\r\n (CVE-2011-3389).\r\n \r\n A flaw was found in the way the Python SimpleHTTPServer module\r\n generated directory listings. An attacker able to upload a file\r\n with a specially-crafted name to a server could possibly perform a\r\n cross-site scripting (XSS) attack against victims visiting a listing\r\n page generated by SimpleHTTPServer, for a directory containing\r\n the crafted file (if the victims were using certain web browsers)\r\n (CVE-2011-4940).\r\n \r\n A race condition was found in the way the Python distutils module\r\n set file permissions during the creation of the .pypirc file. If a\r\n local user had access to the home directory of another user who is\r\n running distutils, they could use this flaw to gain access to that\r\n user's .pypirc file, which can contain usernames and passwords for\r\n code repositories (CVE-2011-4944).\r\n \r\n A flaw was found in the way the Python SimpleXMLRPCServer module\r\n handled clients disconnecting prematurely. A remote attacker could\r\n use this flaw to cause excessive CPU consumption on a server using\r\n SimpleXMLRPCServer (CVE-2012-0845).\r\n \r\n Hash table collisions CPU usage DoS for the embedded copy of expat\r\n (CVE-2012-0876).\r\n \r\n A denial of service flaw was found in the implementation of associative\r\n arrays (dictionaries) in Python. An attacker able to supply a large\r\n number of inputs to a Python application (such as HTTP POST request\r\n parameters sent to a web application) that are used as keys when\r\n inserting data into an array could trigger multiple hash function\r\n collisions, making array operations take an excessive amount of\r\n CPU time. To mitigate this issue, randomization has been added to\r\n the hash function to reduce the chance of an attacker successfully\r\n causing intentional collisions (CVE-2012-1150).\r\n \r\n The updated packages have been patched to correct these issues.\r\n\r\n Update:\r\n\r\n Packages for Mandriva Enterprise Server 5 is also being provided.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4940\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4944\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Enterprise Server 5:\r\n e18f146e6c8aa316adb5d19a0de2cdef mes5/i586/libpython2.5-2.5.2-5.12mdvmes5.2.i586.rpm\r\n f425a7831028c28f98bac0d95ee532ce mes5/i586/libpython2.5-devel-2.5.2-5.12mdvmes5.2.i586.rpm\r\n 153ff4e78256ec9b0b89f5ecd7ed317c mes5/i586/python-2.5.2-5.12mdvmes5.2.i586.rpm\r\n bbff1780014007b0c95491c74d3dc82b mes5/i586/python-base-2.5.2-5.12mdvmes5.2.i586.rpm\r\n e73ffb5aeff47d2008b0bdb99623579f mes5/i586/python-docs-2.5.2-5.12mdvmes5.2.i586.rpm\r\n af4d7f8f20f7cf7b2beb77dbd06f6992 mes5/i586/tkinter-2.5.2-5.12mdvmes5.2.i586.rpm\r\n 268850f5dd79335c129fa84469d39e20 mes5/i586/tkinter-apps-2.5.2-5.12mdvmes5.2.i586.rpm \r\n 0248488ef4499a61ba9ef31061325f1e mes5/SRPMS/python-2.5.2-5.12mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 6ee32ebb3873a3e01def5984dfa951c7 mes5/x86_64/lib64python2.5-2.5.2-5.12mdvmes5.2.x86_64.rpm\r\n 9e7d5a39d2b224bd9141e6851350e43d mes5/x86_64/lib64python2.5-devel-2.5.2-5.12mdvmes5.2.x86_64.rpm\r\n f798622e3b9f9795c373be0d90008684 mes5/x86_64/python-2.5.2-5.12mdvmes5.2.x86_64.rpm\r\n 916fb7c6e716daaf5269086b9477efcf mes5/x86_64/python-base-2.5.2-5.12mdvmes5.2.x86_64.rpm\r\n 53f14e4e8d6140603acac82004bd12c9 mes5/x86_64/python-docs-2.5.2-5.12mdvmes5.2.x86_64.rpm\r\n ff348190df6007b7d0b043ac153f35dd mes5/x86_64/tkinter-2.5.2-5.12mdvmes5.2.x86_64.rpm\r\n d7f55af87f3e3ea045b556f91c09333b mes5/x86_64/tkinter-apps-2.5.2-5.12mdvmes5.2.x86_64.rpm \r\n 0248488ef4499a61ba9ef31061325f1e mes5/SRPMS/python-2.5.2-5.12mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niD8DBQFP8YuYmqjQ0CJFipgRAl7UAKDy0foAu7Ro4bcYaG/I43WrnoHT7ACfV9t5\r\ny8nHa/VpwqBidhF5DJElWmo=\r\n=AnEb\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-07-09T00:00:00", "published": "2012-07-09T00:00:00", "id": "SECURITYVULNS:DOC:28232", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28232", "title": "[ MDVSA-2012:096-1 ] python", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:51", "bulletinFamily": "software", "cvelist": ["CVE-2013-0242", "CVE-2013-1914"], "description": "Buffer overflow in regexec, buffer overflow in getaddrinfo.", "edition": 1, "modified": "2013-05-09T00:00:00", "published": "2013-05-09T00:00:00", "id": "SECURITYVULNS:VULN:13071", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13071", "title": "GNU glibc security vulnerabilities", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:47", "bulletinFamily": "software", "cvelist": ["CVE-2013-0242", "CVE-2013-1914"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2013:163\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : glibc\r\n Date : May 7, 2013\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been discovered and corrected in glibc:\r\n \r\n Buffer overflow in the extend_buffers function in the regular\r\n expression matcher (posix/regexec.c) in glibc, possibly 2.17 and\r\n earlier, allows context-dependent attackers to cause a denial of\r\n service (memory corruption and crash) via crafted multibyte characters\r\n (CVE-2013-0242).\r\n \r\n Stack-based buffer overflow in the getaddrinfo function in\r\n sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6)\r\n 2.17 and earlier allows remote attackers to cause a denial of service\r\n (crash) via a (1) hostname or (2) IP address that triggers a large\r\n number of domain conversion results (CVE-2013-1914).\r\n \r\n The updated packages have been patched to correct these issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0242\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1914\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n ec721ecac69f6bace0fec908ed45cf6d mbs1/x86_64/glibc-2.14.1-12.1.mbs1.x86_64.rpm\r\n 8d9c7b66f9b61da0c0e70141861529f8 mbs1/x86_64/glibc-devel-2.14.1-12.1.mbs1.x86_64.rpm\r\n 5a442d51c573ea1cc3593bf5b68c7e07 mbs1/x86_64/glibc-doc-2.14.1-12.1.mbs1.noarch.rpm\r\n 67ca31e66b41d88a169599fddcc628c3 mbs1/x86_64/glibc-doc-pdf-2.14.1-12.1.mbs1.noarch.rpm\r\n 8e2b8f84441470a05b513420641b0505 mbs1/x86_64/glibc-i18ndata-2.14.1-12.1.mbs1.x86_64.rpm\r\n 59226b1addf578c14a0c53e0731c37a3 mbs1/x86_64/glibc-profile-2.14.1-12.1.mbs1.x86_64.rpm\r\n 291cc63f1cd9a45ddf89455b133d06b4 mbs1/x86_64/glibc-static-devel-2.14.1-12.1.mbs1.x86_64.rpm\r\n 143e405ead8fa9a2f9184547ef6c75fc mbs1/x86_64/glibc-utils-2.14.1-12.1.mbs1.x86_64.rpm\r\n fecc2dd312e4513a89360927c579bccd mbs1/x86_64/nscd-2.14.1-12.1.mbs1.x86_64.rpm \r\n 180d09be78ca8fdfa5ca6ec1c514026a mbs1/SRPMS/glibc-2.14.1-12.1.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFRiQeOmqjQ0CJFipgRAgI5AKCdFyI/q4cEL7h8jQyu7m/6KMmzQQCfRt/X\r\nyvN2sdb9PK31dXX/cWwckNA=\r\n=hmEZ\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2013-05-09T00:00:00", "published": "2013-05-09T00:00:00", "id": "SECURITYVULNS:DOC:29383", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29383", "title": "[ MDVSA-2013:163 ] glibc", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-08-13T18:45:35", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0242", "CVE-2013-1914", "CVE-2013-4332"], "description": "The glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name Server\nCaching Daemon (nscd) used by multiple programs on the system. Without\nthese libraries, the Linux system cannot function correctly.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in glibc's memory allocator functions (pvalloc, valloc, and\nmemalign). If an application used such a function, it could cause the\napplication to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the application. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that process\nmultibyte character input. If an application utilized the glibc regular\nexpression matching mechanism, an attacker could provide specially-crafted\ninput that, when processed, would cause the application to crash.\n(CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack memory\nused during name resolution. An attacker able to make an application\nresolve an attacker-controlled hostname or IP address could possibly cause\nthe application to exhaust all stack memory and crash. (CVE-2013-1914)\n\nAmong other changes, this update includes an important fix for the following\nbug:\n\n* Due to a defect in the initial release of the getaddrinfo() system call in Red\nHat enterprise Linux 6.0, AF_INET and AF_INET6 queries resolved from the\n/etc/hosts file returned queried names as canonical names. This incorrect\nbehavior is, however, still considered to be the expected behavior. As a result\nof a recent change in getaddrinfo(), AF_INET6 queries started resolving the\ncanonical names correctly. However, this behavior was unexpected by applications\nthat relied on queries resolved from the /etc/hosts file, and these applications\ncould thus fail to operate properly. This update applies a fix ensuring that\nAF_INET6 queries resolved from /etc/hosts always return the queried name as\ncanonical. Note that DNS lookups are resolved properly and always return the\ncorrect canonical names. A proper fix to AF_INET6 queries resolution from\n/etc/hosts may be applied in future releases; for now, due to a lack of\nstandard, Red Hat suggests the first entry in the /etc/hosts file, that applies\nfor the IP address being resolved, to be considered the canonical entry.\n(BZ#1022022)\n\nThese updated glibc packages also include additional bug fixes and \nvarious enhancements. Space precludes documenting all of these changes \nin this advisory. Users are directed to the Red Hat Enterprise Linux 6.5 \nTechnical Notes, linked to in the References, for information on the \nmost significant of these changes.\n\nAll glibc users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.\n", "modified": "2018-06-06T20:24:12", "published": "2013-11-21T05:00:00", "id": "RHSA-2013:1605", "href": "https://access.redhat.com/errata/RHSA-2013:1605", "type": "redhat", "title": "(RHSA-2013:1605) Moderate: glibc security, bug fix, and enhancement update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:45:21", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2877", "CVE-2014-0191"], "description": "The libxml2 library is a development toolbox providing the implementation\nof various XML standards.\n\nIt was discovered that libxml2 loaded external parameter entities even when\nentity substitution was disabled. A remote attacker able to provide a\nspecially crafted XML file to an application linked against libxml2 could\nuse this flaw to conduct XML External Entity (XXE) attacks, possibly\nresulting in a denial of service or an information leak on the system.\n(CVE-2014-0191)\n\nAn out-of-bounds read flaw was found in the way libxml2 detected the end of\nan XML file. A remote attacker could provide a specially crafted XML file\nthat, when processed by an application linked against libxml2, could cause\nthe application to crash. (CVE-2013-2877)\n\nThe CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat.\n\nAll libxml2 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The desktop must be\nrestarted (log out, then log back in) for this update to take effect.\n", "modified": "2018-06-06T20:24:12", "published": "2014-05-19T04:00:00", "id": "RHSA-2014:0513", "href": "https://access.redhat.com/errata/RHSA-2014:0513", "type": "redhat", "title": "(RHSA-2014:0513) Moderate: libxml2 security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:21", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0242", "CVE-2013-4332", "CVE-2013-1914"], "description": "[2.12-1.132] \r\n- Revert the addition of gettimeofday vDSO function for ppc and ppc64 until \r\nOPD VDSO function call issues are resolved (#1026533). \r\n \n[2.12-1.131] \r\n- Call gethostbyname4_r only for PF_UNSPEC (#1022022). \r\n \n[2.12-1.130] \r\n- Fix integer overflows in *valloc and memalign. (#1008310). \r\n \n[2.12-1.129] \r\n- Initialize res_hconf in nscd (#970090). \r\n \n[2.12-1.128] \r\n- Update previous patch for dcigettext.c and loadmsgcat.c (#834386). \r\n \n[2.12-1.127] \r\n- Save search paths before performing relro protection (#988931). \r\n \n[2.12-1.126] \r\n- Correctly name the 240-bit slow path sytemtap probe slowpow_p10 for slowpow (#905575). \r\n \n[2.12-1.125] \r\n- Align value of stacksize in nptl-init (#663641). \r\n \n[2.12-1.124] \r\n- Renamed release engineering directory from 'fedora' to `releng' (#903754). \r\n \n[2.12-1.123] \r\n- Backport GLIBC sched_getcpu and gettimeofday vDSO functions for ppc (#929302). \r\n- Fall back to local DNS if resolv.conf does not define nameservers (#928318). \r\n- Add systemtap probes to slowexp and slowpow (#905575). \r\n \n[2.12-1.122] \r\n- Fix getaddrinfo stack overflow resulting in application crash (CVE-2013-1914, #951213). \r\n- Fix multibyte character processing crash in regexp (CVE-2013-0242, #951213). \r\n \n[2.12-1.121] \r\n- Add netgroup cache support for nscd (#629823). \r\n \n[2.12-1.120] \r\n- Fix multiple nss_compat initgroups() bugs (#966778). \r\n- Don't use simple lookup for AF_INET when AI_CANONNAME is set (#863384). \r\n \n[2.12-1.119] \r\n- Add MAP_HUGETLB and MAP_STACK support (#916986). \r\n- Update translation for stale file handle error (#970776). \r\n \n[2.12-1.118] \r\n- Improve performance of _SC_NPROCESSORS_ONLN (#rh952422). \r\n- Fix up _init in pt-initfini to accept arguments (#663641). \r\n \n[2.12-1.117] \r\n- Set reasonable limits on xdr requests to prevent memory leaks (#848748). \r\n \n[2.12-1.116] \r\n- Fix mutex locking for PI mutexes on spurious wake-ups on pthread condvars \r\n(#552960). \r\n- New environment variable GLIBC_PTHREAD_STACKSIZE to set thread stack size \r\n(#663641). \r\n \n[2.12-1.115] \r\n- Improved handling of recursive calls in backtrace (#868808). \r\n \n[2.12-1.114] \r\n- The ttyname and ttyname_r functions on Linux now fall back to searching for \r\nthe tty file descriptor in /dev/pts or /dev if /proc is not available. This \r\nallows creation of chroots without the procfs mounted on /proc. (#851470) \r\n \n[2.12-1.113] \r\n- Don't free rpath strings allocated during startup until after \r\nld.so is re-relocated. (#862094) \r\n \n[2.12-1.112] \r\n- Consistantly MANGLE/DEMANGLE function pointers. \r\nFix use after free in dcigettext.c (#834386). \r\n \n[2.12-1.111] \r\n- Change rounding mode only when necessary (#966775). \r\n \n[2.12-1.110] \r\n- Backport of code to allow incremental loading of library list (#886968). \r\n \n[2.12-1.109] \r\n- Fix loading of audit libraries when TLS is in use (#919562) \r\n \n[2.12-1.108] \r\n- Fix application of SIMD FP exception mask (#929388). ", "edition": 4, "modified": "2013-11-25T00:00:00", "published": "2013-11-25T00:00:00", "id": "ELSA-2013-1605", "href": "http://linux.oracle.com/errata/ELSA-2013-1605.html", "title": "glibc security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:06", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0191", "CVE-2013-2877"], "description": "[2.7.6-14.0.1.el6_5.1]\n- Update doc/redhat.gif in tarball\n- Add libxml2-oracle-enterprise.patch and update logos in tarball\n[2-2.7.6-14.el6_5.1]\n- Improve handling of xmlStopParser(CVE-2013-2877)\n- Do not fetch external parameter entities (CVE-2014-0191)", "edition": 4, "modified": "2014-05-19T00:00:00", "published": "2014-05-19T00:00:00", "id": "ELSA-2014-0513", "href": "http://linux.oracle.com/errata/ELSA-2014-0513.html", "title": "libxml2 security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:11", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0876", "CVE-2012-0845", "CVE-2011-4940"], "description": "[2.6.6-29.el6_2.2]\n- if hash randomization is enabled, also enable it within pyexpat\nResolves: CVE-2012-0876\n[2.6.6-29.el6_2.1]\n- distutils.config: create ~/.pypirc securely\nResolves: CVE-2011-4944\n- fix endless loop in SimpleXMLRPCServer upon malformed POST request\nResolves: CVE-2012-0845\n- send encoding in SimpleHTTPServer.list_directory to protect IE7 against\npotential XSS attacks\nResolves: CVE-2011-4940\n- oCERT-2011-003: add -R command-line option and PYTHONHASHSEED environment\nvariable, to provide an opt-in way to protect against denial of service\nattacks due to hash collisions within the dict and set types\nResolves: CVE-2012-1150", "edition": 4, "modified": "2012-06-18T00:00:00", "published": "2012-06-18T00:00:00", "id": "ELSA-2012-0744", "href": "http://linux.oracle.com/errata/ELSA-2012-0744.html", "title": "python security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:32", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0015", "CVE-2014-0138"], "description": "[7.19.7-37.el6_5.3]\n- fix re-use of wrong HTTP NTLM connection (CVE-2014-0015)\n- fix connection re-use when using different log-in credentials (CVE-2014-0138)\n[7.19.7-37.el6_5.2]\n- fix authentication failure when server offers multiple auth options (#1096797)\n[7.19.7-37.el6_5.1]\n- refresh expired cookie in test172 from upstream test-suite (#1092486)\n- fix a memory leak caused by write after close (#1092479)\n- nss: implement non-blocking SSL handshake (#1092480)", "edition": 4, "modified": "2014-05-27T00:00:00", "published": "2014-05-27T00:00:00", "id": "ELSA-2014-0561", "href": "http://linux.oracle.com/errata/ELSA-2014-0561.html", "title": "curl security and bug fix update", "type": "oraclelinux", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "centos": [{"lastseen": "2019-12-20T18:29:16", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0242", "CVE-2013-4332", "CVE-2013-1914"], "description": "**CentOS Errata and Security Advisory** CESA-2013:1605\n\n\nThe glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name Server\nCaching Daemon (nscd) used by multiple programs on the system. Without\nthese libraries, the Linux system cannot function correctly.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in glibc's memory allocator functions (pvalloc, valloc, and\nmemalign). If an application used such a function, it could cause the\napplication to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the application. (CVE-2013-4332)\n\nA flaw was found in the regular expression matching routines that process\nmultibyte character input. If an application utilized the glibc regular\nexpression matching mechanism, an attacker could provide specially-crafted\ninput that, when processed, would cause the application to crash.\n(CVE-2013-0242)\n\nIt was found that getaddrinfo() did not limit the amount of stack memory\nused during name resolution. An attacker able to make an application\nresolve an attacker-controlled hostname or IP address could possibly cause\nthe application to exhaust all stack memory and crash. (CVE-2013-1914)\n\nAmong other changes, this update includes an important fix for the following\nbug:\n\n* Due to a defect in the initial release of the getaddrinfo() system call in Red\nHat enterprise Linux 6.0, AF_INET and AF_INET6 queries resolved from the\n/etc/hosts file returned queried names as canonical names. This incorrect\nbehavior is, however, still considered to be the expected behavior. As a result\nof a recent change in getaddrinfo(), AF_INET6 queries started resolving the\ncanonical names correctly. However, this behavior was unexpected by applications\nthat relied on queries resolved from the /etc/hosts file, and these applications\ncould thus fail to operate properly. This update applies a fix ensuring that\nAF_INET6 queries resolved from /etc/hosts always return the queried name as\ncanonical. Note that DNS lookups are resolved properly and always return the\ncorrect canonical names. A proper fix to AF_INET6 queries resolution from\n/etc/hosts may be applied in future releases; for now, due to a lack of\nstandard, Red Hat suggests the first entry in the /etc/hosts file, that applies\nfor the IP address being resolved, to be considered the canonical entry.\n(BZ#1022022)\n\nThese updated glibc packages also include additional bug fixes and \nvarious enhancements. Space precludes documenting all of these changes \nin this advisory. Users are directed to the Red Hat Enterprise Linux 6.5 \nTechnical Notes, linked to in the References, for information on the \nmost significant of these changes.\n\nAll glibc users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-November/007147.html\n\n**Affected packages:**\nglibc\nglibc-common\nglibc-devel\nglibc-headers\nglibc-static\nglibc-utils\nnscd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1605.html", "edition": 3, "modified": "2013-11-26T13:31:38", "published": "2013-11-26T13:31:38", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-November/007147.html", "id": "CESA-2013:1605", "title": "glibc, nscd security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:29:22", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0242", "CVE-2013-1914"], "description": "**CentOS Errata and Security Advisory** CESA-2013:0769\n\n\nThe glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name Server\nCaching Daemon (nscd) used by multiple programs on the system. Without\nthese libraries, the Linux system cannot function correctly.\n\nIt was found that getaddrinfo() did not limit the amount of stack memory\nused during name resolution. An attacker able to make an application\nresolve an attacker-controlled hostname or IP address could possibly cause\nthe application to exhaust all stack memory and crash. (CVE-2013-1914)\n\nA flaw was found in the regular expression matching routines that process\nmultibyte character input. If an application utilized the glibc regular\nexpression matching mechanism, an attacker could provide specially-crafted\ninput that, when processed, would cause the application to crash.\n(CVE-2013-0242)\n\nThis update also fixes the following bugs:\n\n* The improvements RHSA-2012:1207 made to the accuracy of floating point\nfunctions in the math library caused performance regressions for those\nfunctions. The performance regressions were analyzed and a fix was applied\nthat retains the current accuracy but reduces the performance penalty to\nacceptable levels. Refer to Red Hat Knowledge solution 229993, linked\nto in the References, for further information. (BZ#950535)\n\n* It was possible that a memory location freed by the localization code\ncould be accessed immediately after, resulting in a crash. The fix ensures\nthat the application does not crash by avoiding the invalid memory access.\n(BZ#951493)\n\nUsers of glibc are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-April/031744.html\n\n**Affected packages:**\nglibc\nglibc-common\nglibc-devel\nglibc-headers\nglibc-utils\nnscd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0769.html", "edition": 3, "modified": "2013-04-24T21:58:40", "published": "2013-04-24T21:58:40", "href": "http://lists.centos.org/pipermail/centos-announce/2013-April/031744.html", "id": "CESA-2013:0769", "title": "glibc, nscd security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:27:59", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0191", "CVE-2013-2877"], "description": "**CentOS Errata and Security Advisory** CESA-2014:0513\n\n\nThe libxml2 library is a development toolbox providing the implementation\nof various XML standards.\n\nIt was discovered that libxml2 loaded external parameter entities even when\nentity substitution was disabled. A remote attacker able to provide a\nspecially crafted XML file to an application linked against libxml2 could\nuse this flaw to conduct XML External Entity (XXE) attacks, possibly\nresulting in a denial of service or an information leak on the system.\n(CVE-2014-0191)\n\nAn out-of-bounds read flaw was found in the way libxml2 detected the end of\nan XML file. A remote attacker could provide a specially crafted XML file\nthat, when processed by an application linked against libxml2, could cause\nthe application to crash. (CVE-2013-2877)\n\nThe CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat.\n\nAll libxml2 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The desktop must be\nrestarted (log out, then log back in) for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-May/032341.html\n\n**Affected packages:**\nlibxml2\nlibxml2-devel\nlibxml2-python\nlibxml2-static\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0513.html", "edition": 3, "modified": "2014-05-19T13:08:11", "published": "2014-05-19T13:08:11", "href": "http://lists.centos.org/pipermail/centos-announce/2014-May/032341.html", "id": "CESA-2014:0513", "title": "libxml2 security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:27:39", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0015", "CVE-2014-0138"], "description": "**CentOS Errata and Security Advisory** CESA-2014:0561\n\n\ncURL provides the libcurl library and a command line tool for downloading\nfiles from servers using various protocols, including HTTP, FTP, and LDAP.\n\nIt was found that libcurl could incorrectly reuse existing connections for\nrequests that should have used different or no authentication credentials,\nwhen using one of the following protocols: HTTP(S) with NTLM\nauthentication, LDAP(S), SCP, or SFTP. If an application using the libcurl\nlibrary connected to a remote server with certain authentication\ncredentials, this flaw could cause other requests to use those same\ncredentials. (CVE-2014-0015, CVE-2014-0138)\n\nRed Hat would like to thank the cURL project for reporting these issues.\nUpstream acknowledges Paras Sethia as the original reporter of\nCVE-2014-0015 and Yehezkel Horowitz for discovering the security impact of\nthis issue, and Steve Holme as the original reporter of CVE-2014-0138.\n\nThis update also fixes the following bugs:\n\n* Previously, the libcurl library was closing a network socket without\nfirst terminating the SSL connection using the socket. This resulted in a\nwrite after close and consequent leakage of memory dynamically allocated by\nthe SSL library. An upstream patch has been applied on libcurl to fix this\nbug. As a result, the write after close no longer happens, and the SSL\nlibrary no longer leaks memory. (BZ#1092479)\n\n* Previously, the libcurl library did not implement a non-blocking SSL\nhandshake, which negatively affected performance of applications based on\nlibcurl's multi API. To fix this bug, the non-blocking SSL handshake has\nbeen implemented by libcurl. With this update, libcurl's multi API\nimmediately returns the control back to the application whenever it cannot\nread/write data from/to the underlying network socket. (BZ#1092480)\n\n* Previously, the curl package could not be rebuilt from sources due to an\nexpired cookie in the upstream test-suite, which runs during the build. An\nupstream patch has been applied to postpone the expiration date of the\ncookie, which makes it possible to rebuild the package from sources again.\n(BZ#1092486)\n\n* Previously, the libcurl library attempted to authenticate using Kerberos\nwhenever such an authentication method was offered by the server. This\ncaused problems when the server offered multiple authentication methods and\nKerberos was not the selected one. An upstream patch has been applied on\nlibcurl to fix this bug. Now libcurl no longer uses Kerberos authentication\nif another authentication method is selected. (BZ#1096797)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. All running\napplications that use libcurl have to be restarted for this update to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-May/032359.html\n\n**Affected packages:**\ncurl\nlibcurl\nlibcurl-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0561.html", "edition": 3, "modified": "2014-05-28T12:52:04", "published": "2014-05-28T12:52:04", "href": "http://lists.centos.org/pipermail/centos-announce/2014-May/032359.html", "id": "CESA-2014:0561", "title": "curl, libcurl security update", "type": "centos", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "amazon": [{"lastseen": "2020-08-25T05:38:15", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0242", "CVE-2013-4332", "CVE-2013-1914"], "description": "**Issue Overview:**\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in glibc's memory allocator functions (pvalloc, valloc, and memalign). If an application used such a function, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. ([CVE-2013-4332 __](<https://access.redhat.com/security/cve/CVE-2013-4332>))\n\nA flaw was found in the regular expression matching routines that process multibyte character input. If an application utilized the glibc regular expression matching mechanism, an attacker could provide specially-crafted input that, when processed, would cause the application to crash. ([CVE-2013-0242 __](<https://access.redhat.com/security/cve/CVE-2013-0242>))\n\nIt was found that getaddrinfo() did not limit the amount of stack memory used during name resolution. An attacker able to make an application resolve an attacker-controlled hostname or IP address could possibly cause the application to exhaust all stack memory and crash. ([CVE-2013-1914 __](<https://access.redhat.com/security/cve/CVE-2013-1914>))\n\n \n**Affected Packages:** \n\n\nglibc\n\n \n**Issue Correction:** \nRun _yum update glibc_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n glibc-2.12-1.132.45.amzn1.i686 \n glibc-utils-2.12-1.132.45.amzn1.i686 \n glibc-debuginfo-common-2.12-1.132.45.amzn1.i686 \n glibc-common-2.12-1.132.45.amzn1.i686 \n glibc-headers-2.12-1.132.45.amzn1.i686 \n glibc-static-2.12-1.132.45.amzn1.i686 \n glibc-debuginfo-2.12-1.132.45.amzn1.i686 \n nscd-2.12-1.132.45.amzn1.i686 \n glibc-devel-2.12-1.132.45.amzn1.i686 \n \n src: \n glibc-2.12-1.132.45.amzn1.src \n \n x86_64: \n glibc-2.12-1.132.45.amzn1.x86_64 \n nscd-2.12-1.132.45.amzn1.x86_64 \n glibc-devel-2.12-1.132.45.amzn1.x86_64 \n glibc-common-2.12-1.132.45.amzn1.x86_64 \n glibc-debuginfo-2.12-1.132.45.amzn1.x86_64 \n glibc-headers-2.12-1.132.45.amzn1.x86_64 \n glibc-static-2.12-1.132.45.amzn1.x86_64 \n glibc-debuginfo-common-2.12-1.132.45.amzn1.x86_64 \n glibc-utils-2.12-1.132.45.amzn1.x86_64 \n \n \n", "edition": 3, "modified": "2013-12-17T21:39:00", "published": "2013-12-17T21:39:00", "id": "ALAS-2013-270", "href": "https://alas.aws.amazon.com/ALAS-2013-270.html", "title": "Medium: glibc", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "seebug": [{"lastseen": "2017-11-19T17:48:50", "description": "CVE ID: CVE-2012-1150\r\n\r\nPython\u662f\u4e00\u79cd\u9762\u5411\u5bf9\u8c61\u3001\u76f4\u8bd1\u5f0f\u8ba1\u7b97\u673a\u7a0b\u5e8f\u8bbe\u8ba1\u8bed\u8a00\u3002\r\n\r\nPython 2.6.8\u4e4b\u524d\u7248\u672c\u30012.7.x\u30013.x\u30013.2.x\u7248\u672c\u8ba1\u7b97\u54c8\u5e0c\u503c\u65f6\u6ca1\u6709\u9884\u5148\u9650\u5236\u54c8\u5e0c\u51b2\u7a81\uff0c\u53ef\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7\u5411\u5305\u542b\u54c8\u5e0c\u8868\u7684\u5e94\u7528\u53d1\u9001\u7279\u5236\u7684\u5e94\u7528\u652f\u6301\u62d2\u7edd\u670d\u52a1\u3002\r\n0\r\npython < 2.6.8\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nPython\r\n------\r\n\u76ee\u524d\u5382\u5546\u8fd8\u6ca1\u6709\u63d0\u4f9b\u8865\u4e01\u6216\u8005\u5347\u7ea7\u7a0b\u5e8f\uff0c\u6211\u4eec\u5efa\u8bae\u4f7f\u7528\u6b64\u8f6f\u4ef6\u7684\u7528\u6237\u968f\u65f6\u5173\u6ce8\u5382\u5546\u7684\u4e3b\u9875\u4ee5\u83b7\u53d6\u6700\u65b0\u7248\u672c\uff1a\r\n\r\nwww.python.org", "published": "2012-10-10T00:00:00", "type": "seebug", "title": "Python\u54c8\u5e0c\u51b2\u7a81\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e(CVE-2012-1150)", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-1150"], "modified": "2012-10-10T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60424", "id": "SSV:60424", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:37:21", "description": "CVE ID:CVE-2013-1752\u3001CVE-2013-4238\r\n\r\nPython\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u4ee3\u7801\u7684\u811a\u672c\u7f16\u7a0b\u8bed\u8a00\u3002\r\n\r\nPython\u5b58\u5728\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u8fdb\u884c\u4f2a\u9020\u653b\u51fb\u548c\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n1\uff0cPython SSL\u6a21\u5757\u6ca1\u6709\u6b63\u786e\u5904\u7406\u670d\u52a1\u5668SSL\u8bc1\u4e66\u4e2d\u7684"subjectAltNames"\u901a\u7528\u540d\u7684\u7a7a\u5b57\u8282\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7\u4e2d\u95f4\u4eba\u653b\u51fb\u8fdb\u884c\u670d\u52a1\u5668\u4f2a\u9020\u653b\u51fb\uff0c\u53ef\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\r\n2\uff0c\u4e0d\u53d7\u9650\u7684\u8c03\u7528Lib/httplib.py\u4e2d\u7684"readline()"\u53ef\u5bfc\u81f4\u6d88\u8017\u5927\u91cf\u5185\u5b58\u8d44\u6e90\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n3\uff0c\u4e0d\u53d7\u9650\u7684\u8c03\u7528Lib/ftplib.py\u4e2d\u7684"readline()"\u53ef\u5bfc\u81f4\u6d88\u8017\u5927\u91cf\u5185\u5b58\u8d44\u6e90\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n4\uff0c\u4e0d\u53d7\u9650\u7684\u8c03\u7528Lib/imaplib.py\u4e2d\u7684"readline()"\u53ef\u5bfc\u81f4\u6d88\u8017\u5927\u91cf\u5185\u5b58\u8d44\u6e90\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n5\uff0c\u4e0d\u53d7\u9650\u7684\u8c03\u7528Lib/nntplib.py\u4e2d\u7684"readline()"\u53ef\u5bfc\u81f4\u6d88\u8017\u5927\u91cf\u5185\u5b58\u8d44\u6e90\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n6\uff0c\u4e0d\u53d7\u9650\u7684\u8c03\u7528Lib/poplib.py\u4e2d\u7684"readline()"\u53ef\u5bfc\u81f4\u6d88\u8017\u5927\u91cf\u5185\u5b58\u8d44\u6e90\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n7\uff0c\u4e0d\u53d7\u9650\u7684\u8c03\u7528Lib/smtplib.py\u4e2d\u7684"readline()"\u53ef\u5bfc\u81f4\u6d88\u8017\u5927\u91cf\u5185\u5b58\u8d44\u6e90\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\n0\nPython 2.6.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nPython\r\n-----\r\nPython 2.6.9\u5df2\u7ecf\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\n\r\nhttp://www.python.org", "published": "2013-12-30T00:00:00", "type": "seebug", "title": "Python\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2013-1752", "CVE-2013-4238"], "modified": "2013-12-30T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61235", "id": "SSV:61235", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}
