DATABASE RESOURCES PRICING ABOUT US

{"id": "OPENVAS:1361412562310120618", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux: Security Advisory (ALAS-2015-628)", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "published": "2015-12-15T00:00:00", "modified": "2020-03-13T00:00:00", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120618", "reporter": "Copyright (C) 2015 Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2015-628.html"], "cvelist": ["CVE-2015-7497", "CVE-2015-7941", "CVE-2015-8317", "CVE-2015-7498", "CVE-2015-8241", "CVE-2015-5312", "CVE-2015-7500", "CVE-2015-8242", "CVE-2015-1819", "CVE-2015-7499", "CVE-2015-7942"], "lastseen": "2020-03-17T22:58:30", "viewCount": 18, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["LIBXML2_ADVISORY2.ASC"]}, {"type": "amazon", "idList": ["ALAS-2015-628", "ALAS2-2019-1220"]}, {"type": "apple", "idList": ["APPLE:08DDC9EE4E7DEBCD387FA33304B8E244", "APPLE:138B6A194013E2308AFAD7088D94B143", "APPLE:30DAD52FE6873B43EFC82661563B56D6", "APPLE:6675EF5C2567C41D8B07EDE19642D215", "APPLE:73A5DE43E262286D306BB143FE6D4F15", "APPLE:781D931DB9B2E3B8255557FD7BF0D6F8", "APPLE:87561C7576B031D8E8098D98D5BACF41", "APPLE:8DE1B81CB3F1FAE2DFA54423887EED84", "APPLE:A698320079BD7F6AF117CDE3A822068D", "APPLE:AD3C9159192D0BE1FCE85D24889D3B53", "APPLE:HT206166", "APPLE:HT206167", "APPLE:HT206168", "APPLE:HT206169", "APPLE:HT206899", "APPLE:HT206901", "APPLE:HT206902", "APPLE:HT206903", "APPLE:HT206904", "APPLE:HT206905"]}, {"type": "archlinux", "idList": ["ASA-201512-6"]}, {"type": "centos", "idList": ["CESA-2015:1419", "CESA-2015:2549", "CESA-2015:2550"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:1EC71DA3FB8309BFA0C5B2A494033370"]}, {"type": "cve", "idList": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317", "CVE-2016-4619"]}, {"type": "debian", "idList": ["DEBIAN:DLA-266-1:8DFA3", "DEBIAN:DLA-266-1:D0AB4", "DEBIAN:DLA-334-1:C1669", "DEBIAN:DLA-355-1:F71E7", "DEBIAN:DLA-373-1:B7349", "DEBIAN:DSA-3430-1:21018", "DEBIAN:DSA-3430-1:A974A"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-1819", "DEBIANCVE:CVE-2015-5312", "DEBIANCVE:CVE-2015-7497", "DEBIANCVE:CVE-2015-7498", "DEBIANCVE:CVE-2015-7499", "DEBIANCVE:CVE-2015-7500", "DEBIANCVE:CVE-2015-7941", "DEBIANCVE:CVE-2015-7942", "DEBIANCVE:CVE-2015-8241", "DEBIANCVE:CVE-2015-8242", "DEBIANCVE:CVE-2015-8317"]}, {"type": "f5", "idList": ["F5:K61570943", "SOL61570943"]}, {"type": "fedora", "idList": ["FEDORA:454A0601DA33", "FEDORA:473D96090BE2", "FEDORA:4959A6092042", "FEDORA:8FB206094351"]}, {"type": "freebsd", "idList": ["9C7177FF-1FE1-11E5-9A01-BCAEC565249C", "E5423CAF-8FB8-11E5-918C-BCAEC565249C"]}, {"type": "gentoo", "idList": ["GLSA-201507-08", "GLSA-201701-37"]}, {"type": "github", "idList": ["GHSA-JXJR-5H69-QW3W", "GHSA-Q7WX-62R7-J2X7", "GHSA-XJQG-9JVG-FGX2"]}, {"type": "ibm", "idList": ["1552258BC602B501CB144C17FE55DEC12CEDE82B9F4351E9E4F47BE8C7003BA9", "17516BE1FEE8576600E7288D935EC0669C18FADD0D7BDD7B213E021E851E7F7D", "272A70EAB7832A1CA1419E5AF531A4920BA199872E0D365408A139F34D31075E", "2EFA761D58F0D7141C702194752C3FC6082E24B56AF4D50FDDDCE3EADBD675E9", "4EB6375AC60D18EF5D589BC88A70CB0698048440611BD71DE666FEA37A17ED94", "6082EF9EEC65FC8C759FD4BD5D61B617F34A710731C703A12F4C0E537B571626", "89257A9062FB5478B817FD1D0B21510D31D1A39427F3EFCD4545A41253582842", "8F1916DF16BCE9B41284F1A9B9374A7B3967DF92C2D2FD403A184D97F5FAEAC1", "94ADF9C910A362467000D0DD8590BD5C24E2AED265E1E3B9AB7A109A4D0AF94F", "AACF6F6443D6B1F43A3B1EB2158C0974A7E3740F82735809A14DB68D406E34ED", "D0A0F46532042E5EFF0B318CEB20930919394C41E25AF5EF8781A9600DF06A94", "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "D4D9239D39380DAAAF0663AA50B7560152F0E3980E2EE27DD40046B16E4D33B3", "D911317A5AB78973EC0BCDD274D56A8146D89345FD34F13DAEEC08B6503FEAE0", "DAE66C3F24DC9C9F32A4918C846A8F515A6E526CE6B4F5F2BBF09EFE18B62398", "ECAE9C428E6921780DCBD019FD8DB249F90FAE52B7CDFC11A8FDE3AB81842108", "F5F7933E4670518D029E646B3B5F66B6C322058A1D1D30AD54B208AD8D95B0DE"]}, {"type": "mageia", "idList": ["MGASA-2015-0358", "MGASA-2015-0423", "MGASA-2015-0457"]}, {"type": "nessus", "idList": ["9327.PRM", "9331.PRM", "9336.PRM", "AIX_IV80586.NASL", "AIX_IV80588.NASL", "AIX_IV80616.NASL", "AIX_IV80617.NASL", "AIX_U866671.NASL", "AIX_U868931.NASL", "AIX_U870330.NASL", "AL2_ALAS-2019-1220.NASL", "ALA_ALAS-2015-628.NASL", "APPLETV_9_2.NASL", "APPLE_IOS_933_CHECK.NBIN", "APPLE_IOS_93_CHECK.NBIN", "CENTOS_RHSA-2015-1419.NASL", "CENTOS_RHSA-2015-2549.NASL", "CENTOS_RHSA-2015-2550.NASL", "DEBIAN_DLA-266.NASL", "DEBIAN_DLA-355.NASL", "DEBIAN_DLA-373.NASL", "DEBIAN_DSA-3430.NASL", "F5_BIGIP_SOL61570943.NASL", "FEDORA_2015-037F844D3E.NASL", "FEDORA_2015-C24AF963A2.NASL", "FEDORA_2016-189A7BF68C.NASL", "FEDORA_2016-A9EE80B01D.NASL", "FREEBSD_PKG_9C7177FF1FE111E59A01BCAEC565249C.NASL", "FREEBSD_PKG_E5423CAF8FB811E5918CBCAEC565249C.NASL", "GENTOO_GLSA-201507-08.NASL", "GENTOO_GLSA-201701-37.NASL", "MACOSX_10_11_4.NASL", "MACOSX_SECUPD2016-002.NASL", "OPENSUSE-2015-959.NASL", "OPENSUSE-2016-32.NASL", "ORACLELINUX_ELSA-2015-1419.NASL", "ORACLELINUX_ELSA-2015-2549.NASL", "ORACLELINUX_ELSA-2015-2550.NASL", "ORACLEVM_OVMSA-2015-0097.NASL", "ORACLEVM_OVMSA-2015-0152.NASL", "REDHAT-RHSA-2015-1419.NASL", "REDHAT-RHSA-2015-2549.NASL", "REDHAT-RHSA-2015-2550.NASL", "SL_20150722_LIBXML2_ON_SL6_X.NASL", "SL_20151207_LIBXML2_ON_SL6_X.NASL", "SL_20151207_LIBXML2_ON_SL7_X.NASL", "SUSE_SU-2016-0030-1.NASL", "SUSE_SU-2016-0049-1.NASL", "UBUNTU_USN-2812-1.NASL", "UBUNTU_USN-2834-1.NASL", "UBUNTU_USN-2875-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105550", "OPENVAS:1361412562310121389", "OPENVAS:1361412562310122794", "OPENVAS:1361412562310122795", "OPENVAS:1361412562310123052", "OPENVAS:1361412562310130031", "OPENVAS:1361412562310131119", "OPENVAS:1361412562310131140", "OPENVAS:1361412562310703430", "OPENVAS:1361412562310806693", "OPENVAS:1361412562310806695", "OPENVAS:1361412562310806792", "OPENVAS:1361412562310807268", "OPENVAS:1361412562310842535", "OPENVAS:1361412562310842557", "OPENVAS:1361412562310842607", "OPENVAS:1361412562310871411", "OPENVAS:1361412562310871513", "OPENVAS:1361412562310871514", "OPENVAS:703430"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1419", "ELSA-2015-2549", "ELSA-2015-2550"]}, {"type": "osv", "idList": ["OSV:DLA-266-1", "OSV:DLA-334-1", "OSV:DLA-355-1", "OSV:DLA-373-1", "OSV:DSA-3430-1", "OSV:GHSA-JXJR-5H69-QW3W", "OSV:GHSA-Q7WX-62R7-J2X7", "OSV:GHSA-XJQG-9JVG-FGX2"]}, {"type": "redhat", "idList": ["RHSA-2015:1419", "RHSA-2015:2549", "RHSA-2015:2550"]}, {"type": "rubygems", "idList": ["RUBY:NOKOGIRI-2015-1819", "RUBY:NOKOGIRI-2015-5312", "RUBY:NOKOGIRI-2015-7499"]}, {"type": "suse", "idList": ["SUSE-SU-2016:0786-1"]}, {"type": "ubuntu", "idList": ["USN-2812-1", "USN-2834-1", "USN-2875-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-1819", "UB:CVE-2015-5312", "UB:CVE-2015-7497", "UB:CVE-2015-7498", "UB:CVE-2015-7499", "UB:CVE-2015-7500", "UB:CVE-2015-7941", "UB:CVE-2015-7942", "UB:CVE-2015-8241", "UB:CVE-2015-8242", "UB:CVE-2015-8317"]}]}, "score": {"value": 0.6, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["LIBXML2_ADVISORY2.ASC"]}, {"type": "amazon", "idList": ["ALAS-2015-628"]}, {"type": "apple", "idList": ["APPLE:HT206169"]}, {"type": "archlinux", "idList": ["ASA-201512-6"]}, {"type": "centos", "idList": ["CESA-2015:2549"]}, {"type": "cve", "idList": ["CVE-2015-1819", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"]}, {"type": "debian", "idList": ["DEBIAN:DLA-334-1:C1669", "DEBIAN:DSA-3430-1:21018"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-1819", "DEBIANCVE:CVE-2015-5312", "DEBIANCVE:CVE-2015-7497", "DEBIANCVE:CVE-2015-7498", "DEBIANCVE:CVE-2015-7499", "DEBIANCVE:CVE-2015-7500", "DEBIANCVE:CVE-2015-7941", "DEBIANCVE:CVE-2015-7942", "DEBIANCVE:CVE-2015-8241", "DEBIANCVE:CVE-2015-8242", "DEBIANCVE:CVE-2015-8317"]}, {"type": "f5", "idList": ["SOL61570943"]}, {"type": "fedora", "idList": ["FEDORA:454A0601DA33"]}, {"type": "freebsd", "idList": ["E5423CAF-8FB8-11E5-918C-BCAEC565249C"]}, {"type": "gentoo", "idList": ["GLSA-201701-37"]}, {"type": "ibm", "idList": ["17516BE1FEE8576600E7288D935EC0669C18FADD0D7BDD7B213E021E851E7F7D", "2EFA761D58F0D7141C702194752C3FC6082E24B56AF4D50FDDDCE3EADBD675E9", "ECAE9C428E6921780DCBD019FD8DB249F90FAE52B7CDFC11A8FDE3AB81842108"]}, {"type": "nessus", "idList": ["AIX_IV80617.NASL", "CENTOS_RHSA-2015-2549.NASL", "FREEBSD_PKG_9C7177FF1FE111E59A01BCAEC565249C.NASL", "FREEBSD_PKG_E5423CAF8FB811E5918CBCAEC565249C.NASL", "REDHAT-RHSA-2015-1419.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310806693", "OPENVAS:1361412562310871513"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-2549"]}, {"type": "redhat", "idList": ["RHSA-2015:1419"]}, {"type": "suse", "idList": ["SUSE-SU-2016:0786-1"]}, {"type": "ubuntu", "idList": ["USN-2812-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-7499"]}]}, "exploitation": null, "vulnersScore": 0.6}, "pluginID": "1361412562310120618", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120618\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-12-15 02:51:29 +0200 (Tue, 15 Dec 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-628)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in libxml2. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update libxml2 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-628.html\");\n script_cve_id(\"CVE-2015-7497\", \"CVE-2015-7500\", \"CVE-2015-7499\", \"CVE-2015-8241\", \"CVE-2015-7498\", \"CVE-2015-8242\", \"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-8317\", \"CVE-2015-7942\", \"CVE-2015-7941\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.9.1~6.2.50.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-debuginfo\", rpm:\"libxml2-debuginfo~2.9.1~6.2.50.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-python26\", rpm:\"libxml2-python26~2.9.1~6.2.50.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-python27\", rpm:\"libxml2-python27~2.9.1~6.2.50.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.9.1~6.2.50.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxml2-static\", rpm:\"libxml2-static~2.9.1~6.2.50.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Amazon Linux Local Security Checks", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1659988328, "score": 1659947754}, "_internal": {"score_hash": "74099b7ee8f566c6f627ef95a015ddc9"}}

{"nessus": [{"lastseen": "2023-01-11T15:05:49", "description": "A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory.\n\nThe xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941 .\n\nlibxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.\n\nA heap-based buffer overflow vulnerability was found in xmlDictComputeFastQKey in dict.c.\n\nA heap-based buffer overflow read in xmlParseMisc was found.\n\nA heap-based buffer overflow was found in xmlGROW allowing the attacker to read the memory out of bounds.\n\nA buffer overread in xmlNextChar was found, causing segmentation fault when compiled with ASAN.\n\nHeap-based buffer overflow was found in xmlParseXmlDecl. When conversion failure happens, parser continues to extract more errors which may lead to unexpected behaviour.\n\nStack-based buffer overread vulnerability with HTML parser in push mode in xmlSAX2TextNode causing segmentation fault when compiled with ASAN.\n\nA vulnerability in libxml2 was found causing DoS by exhausting CPU when parsing specially crafted XML document.\n\nAn out-of-bounds heap read in xmlParseXMLDecl happens when a file containing unfinished xml declaration.", "cvss3": {}, "published": "2015-12-15T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : libxml2 (ALAS-2015-628)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libxml2", "p-cpe:/a:amazon:linux:libxml2-debuginfo", "p-cpe:/a:amazon:linux:libxml2-devel", "p-cpe:/a:amazon:linux:libxml2-python26", "p-cpe:/a:amazon:linux:libxml2-python27", "p-cpe:/a:amazon:linux:libxml2-static", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-628.NASL", "href": "https://www.tenable.com/plugins/nessus/87354", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-628.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87354);\n script_version(\"2.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n script_xref(name:\"ALAS\", value:\"2015-628\");\n\n script_name(english:\"Amazon Linux AMI : libxml2 (ALAS-2015-628)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in the way the libxml2 library\nparsed certain XML files. An attacker could provide a specially\ncrafted XML file that, when parsed by an application using libxml2,\ncould cause that application to use an excessive amount of memory.\n\nThe xmlParseConditionalSections function in parser.c in libxml2 does\nnot properly skip intermediary entities when it stops parsing invalid\ninput, which allows context-dependent attackers to cause a denial of\nservice (out-of-bounds read and crash) via crafted XML data, a\ndifferent vulnerability than CVE-2015-7941 .\n\nlibxml2 2.9.2 does not properly stop parsing invalid input, which\nallows context-dependent attackers to cause a denial of service\n(out-of-bounds read and libxml2 crash) via crafted XML data to the (1)\nxmlParseEntityDecl or (2) xmlParseConditionalSections function in\nparser.c, as demonstrated by non-terminated entities.\n\nA heap-based buffer overflow vulnerability was found in\nxmlDictComputeFastQKey in dict.c.\n\nA heap-based buffer overflow read in xmlParseMisc was found.\n\nA heap-based buffer overflow was found in xmlGROW allowing the\nattacker to read the memory out of bounds.\n\nA buffer overread in xmlNextChar was found, causing segmentation fault\nwhen compiled with ASAN.\n\nHeap-based buffer overflow was found in xmlParseXmlDecl. When\nconversion failure happens, parser continues to extract more errors\nwhich may lead to unexpected behaviour.\n\nStack-based buffer overread vulnerability with HTML parser in push\nmode in xmlSAX2TextNode causing segmentation fault when compiled with\nASAN.\n\nA vulnerability in libxml2 was found causing DoS by exhausting CPU\nwhen parsing specially crafted XML document.\n\nAn out-of-bounds heap read in xmlParseXMLDecl happens when a file\ncontaining unfinished xml declaration.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-628.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update libxml2' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-python26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-python27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"libxml2-2.9.1-6.2.50.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libxml2-debuginfo-2.9.1-6.2.50.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libxml2-devel-2.9.1-6.2.50.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libxml2-python26-2.9.1-6.2.50.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libxml2-python27-2.9.1-6.2.50.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libxml2-static-2.9.1-6.2.50.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / libxml2-python26 / etc\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:05:57", "description": "Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or in certain cases crash the application.\n(CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500 CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {}, "published": "2015-12-22T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : libxml2 on SL7.x x86_64 (20151207)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:libxml2", "p-cpe:/a:fermilab:scientific_linux:libxml2-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libxml2-devel", "p-cpe:/a:fermilab:scientific_linux:libxml2-python", "p-cpe:/a:fermilab:scientific_linux:libxml2-static", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20151207_LIBXML2_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/87581", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87581);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n\n script_name(english:\"Scientific Linux Security Update : libxml2 on SL7.x x86_64 (20151207)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several denial of service flaws were found in libxml2, a library\nproviding support for reading, modifying, and writing XML and HTML\nfiles. A remote attacker could provide a specially crafted XML or HTML\nfile that, when processed by an application using libxml2, would cause\nthat application to use an excessive amount of CPU, leak potentially\nsensitive information, or in certain cases crash the application.\n(CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498,\nCVE-2015-7499, CVE-2015-7500 CVE-2015-7941, CVE-2015-7942,\nCVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nThe desktop must be restarted (log out, then log back in) for this\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1281955\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1512&L=scientific-linux-errata&F=&S=&P=17295\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?930c9f89\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-5312\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxml2-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxml2-debuginfo-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxml2-devel-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxml2-python-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libxml2-static-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / libxml2-python / etc\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T16:30:15", "description": "This update fixes the following security issues :\n\n - CVE-2015-1819 Enforce the reader to run in constant memory [bnc#928193]\n\n - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors [bnc#951734]\n\n - CVE-2015-7942 Fix another variation of overflow in Conditional sections [bnc#951735]\n\n - CVE-2015-8241 Avoid extra processing of MarkupDecl when EOF [bnc#956018]\n\n - CVE-2015-8242 Buffer overead with HTML parser in push mode [bnc#956021]\n\n - CVE-2015-8317 Return if the encoding declaration is broken or encoding conversion failed [bnc#956260]\n\n - CVE-2015-5312 Fix another entity expansion issue [bnc#957105]\n\n - CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey [bnc#957106]\n\n - CVE-2015-7498 Processes entities after encoding conversion failures [bnc#957107]\n\n - CVE-2015-7499 Add xmlHaltParser() to stop the parser / Detect incoherency on GROW [bnc#957109]\n\n - CVE-2015-7500 Fix memory access error due to incorrect entities boundaries [bnc#957110]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-01-12T00:00:00", "type": "nessus", "title": "SUSE SLED11 / SLES11 Security Update : libxml2 (SUSE-SU-2016:0030-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libxml2", "p-cpe:/a:novell:suse_linux:libxml2-doc", "p-cpe:/a:novell:suse_linux:libxml2-python", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-0030-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87862", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:0030-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87862);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n script_bugtraq_id(75570);\n\n script_name(english:\"SUSE SLED11 / SLES11 Security Update : libxml2 (SUSE-SU-2016:0030-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - CVE-2015-1819 Enforce the reader to run in constant\n memory [bnc#928193]\n\n - CVE-2015-7941 Fix out of bound read with crafted xml\n input by stopping parsing on entities boundaries errors\n [bnc#951734]\n\n - CVE-2015-7942 Fix another variation of overflow in\n Conditional sections [bnc#951735]\n\n - CVE-2015-8241 Avoid extra processing of MarkupDecl when\n EOF [bnc#956018]\n\n - CVE-2015-8242 Buffer overead with HTML parser in push\n mode [bnc#956021]\n\n - CVE-2015-8317 Return if the encoding declaration is\n broken or encoding conversion failed [bnc#956260]\n\n - CVE-2015-5312 Fix another entity expansion issue\n [bnc#957105]\n\n - CVE-2015-7497 Avoid an heap buffer overflow in\n xmlDictComputeFastQKey [bnc#957106]\n\n - CVE-2015-7498 Processes entities after encoding\n conversion failures [bnc#957107]\n\n - CVE-2015-7499 Add xmlHaltParser() to stop the parser /\n Detect incoherency on GROW [bnc#957109]\n\n - CVE-2015-7500 Fix memory access error due to incorrect\n entities boundaries [bnc#957110]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=928193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-1819/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5312/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7497/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7498/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7499/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7500/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7941/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7942/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8241/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8242/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8317/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20160030-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2e3022a8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4 :\n\nzypper in -t patch sdksp4-libxml2-20151221-12298=1\n\nSUSE Linux Enterprise Software Development Kit 11-SP3 :\n\nzypper in -t patch sdksp3-libxml2-20151221-12298=1\n\nSUSE Linux Enterprise Server for VMWare 11-SP3 :\n\nzypper in -t patch slessp3-libxml2-20151221-12298=1\n\nSUSE Linux Enterprise Server 11-SP4 :\n\nzypper in -t patch slessp4-libxml2-20151221-12298=1\n\nSUSE Linux Enterprise Server 11-SP3 :\n\nzypper in -t patch slessp3-libxml2-20151221-12298=1\n\nSUSE Linux Enterprise Desktop 11-SP4 :\n\nzypper in -t patch sledsp4-libxml2-20151221-12298=1\n\nSUSE Linux Enterprise Desktop 11-SP3 :\n\nzypper in -t patch sledsp3-libxml2-20151221-12298=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4 :\n\nzypper in -t patch dbgsp4-libxml2-20151221-12298=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3 :\n\nzypper in -t patch dbgsp3-libxml2-20151221-12298=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED11|SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11 / SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED11\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libxml2-32bit-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libxml2-32bit-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libxml2-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libxml2-doc-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libxml2-python-2.7.6-0.34.4\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"libxml2-32bit-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"libxml2-32bit-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libxml2-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libxml2-doc-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libxml2-python-2.7.6-0.34.4\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"libxml2-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"libxml2-python-2.7.6-0.34.4\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"libxml2-32bit-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"libxml2-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"libxml2-python-2.7.6-0.34.4\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libxml2-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libxml2-python-2.7.6-0.34.4\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libxml2-32bit-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"libxml2-2.7.6-0.34.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"libxml2-python-2.7.6-0.34.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:04:56", "description": "Updated libxml2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSeveral denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or in certain cases crash the application.\n(CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500 CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nRed Hat would like to thank the GNOME project for reporting CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-8241, CVE-2015-8242, and CVE-2015-8317. Upstream acknowledges Kostya Serebryany of Google as the original reporter of CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, and CVE-2015-7500; Hugh Davenport as the original reporter of CVE-2015-8241 and CVE-2015-8242; and Hanno Boeck as the original reporter of CVE-2015-8317.\n\nAll libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {}, "published": "2015-12-08T00:00:00", "type": "nessus", "title": "CentOS 6 : libxml2 (CESA-2015:2549)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libxml2", "p-cpe:/a:centos:centos:libxml2-devel", "p-cpe:/a:centos:centos:libxml2-python", "p-cpe:/a:centos:centos:libxml2-static", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2015-2549.NASL", "href": "https://www.tenable.com/plugins/nessus/87223", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2549 and \n# CentOS Errata and Security Advisory 2015:2549 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87223);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n script_xref(name:\"RHSA\", value:\"2015:2549\");\n\n script_name(english:\"CentOS 6 : libxml2 (CESA-2015:2549)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libxml2 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe libxml2 library is a development toolbox providing the\nimplementation of various XML standards.\n\nSeveral denial of service flaws were found in libxml2, a library\nproviding support for reading, modifying, and writing XML and HTML\nfiles. A remote attacker could provide a specially crafted XML or HTML\nfile that, when processed by an application using libxml2, would cause\nthat application to use an excessive amount of CPU, leak potentially\nsensitive information, or in certain cases crash the application.\n(CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499,\nCVE-2015-7500 CVE-2015-7941, CVE-2015-7942, CVE-2015-8241,\nCVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nRed Hat would like to thank the GNOME project for reporting\nCVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500,\nCVE-2015-8241, CVE-2015-8242, and CVE-2015-8317. Upstream acknowledges\nKostya Serebryany of Google as the original reporter of CVE-2015-7497,\nCVE-2015-7498, CVE-2015-7499, and CVE-2015-7500; Hugh Davenport as the\noriginal reporter of CVE-2015-8241 and CVE-2015-8242; and Hanno Boeck\nas the original reporter of CVE-2015-8317.\n\nAll libxml2 users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct these issues. The desktop\nmust be restarted (log out, then log back in) for this update to take\neffect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-December/021516.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4849eb35\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-5312\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxml2-2.7.6-20.el6_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxml2-devel-2.7.6-20.el6_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxml2-python-2.7.6-20.el6_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxml2-static-2.7.6-20.el6_7.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-devel / libxml2-python / libxml2-static\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:05:23", "description": "Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or in certain cases crash the application.\n(CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500 CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {}, "published": "2015-12-08T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : libxml2 on SL6.x i386/x86_64 (20151207)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:libxml2", "p-cpe:/a:fermilab:scientific_linux:libxml2-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libxml2-devel", "p-cpe:/a:fermilab:scientific_linux:libxml2-python", "p-cpe:/a:fermilab:scientific_linux:libxml2-static", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20151207_LIBXML2_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/87235", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87235);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n\n script_name(english:\"Scientific Linux Security Update : libxml2 on SL6.x i386/x86_64 (20151207)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several denial of service flaws were found in libxml2, a library\nproviding support for reading, modifying, and writing XML and HTML\nfiles. A remote attacker could provide a specially crafted XML or HTML\nfile that, when processed by an application using libxml2, would cause\nthat application to use an excessive amount of CPU, leak potentially\nsensitive information, or in certain cases crash the application.\n(CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499,\nCVE-2015-7500 CVE-2015-7941, CVE-2015-7942, CVE-2015-8241,\nCVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nThe desktop must be restarted (log out, then log back in) for this\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1281955\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1512&L=scientific-linux-errata&F=&S=&P=79\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?06aa91f1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-5312\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-2.7.6-20.el6_7.1\", el_string:\"el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-debuginfo-2.7.6-20.el6_7.1\", el_string:\"el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-devel-2.7.6-20.el6_7.1\", el_string:\"el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-python-2.7.6-20.el6_7.1\", el_string:\"el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-static-2.7.6-20.el6_7.1\", el_string:\"el6_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / libxml2-python / etc\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:06:05", "description": "Updated libxml2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSeveral denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or in certain cases crash the application.\n(CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500 CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nRed Hat would like to thank the GNOME project for reporting CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-8241, CVE-2015-8242, and CVE-2015-8317. Upstream acknowledges Kostya Serebryany of Google as the original reporter of CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, and CVE-2015-7500; Hugh Davenport as the original reporter of CVE-2015-8241 and CVE-2015-8242; and Hanno Boeck as the original reporter of CVE-2015-8317.\n\nAll libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {}, "published": "2015-12-08T00:00:00", "type": "nessus", "title": "RHEL 6 : libxml2 (RHSA-2015:2549)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libxml2", "p-cpe:/a:redhat:enterprise_linux:libxml2-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libxml2-devel", "p-cpe:/a:redhat:enterprise_linux:libxml2-python", "p-cpe:/a:redhat:enterprise_linux:libxml2-static", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.7"], "id": "REDHAT-RHSA-2015-2549.NASL", "href": "https://www.tenable.com/plugins/nessus/87233", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2549. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87233);\n script_version(\"2.15\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n script_xref(name:\"RHSA\", value:\"2015:2549\");\n\n script_name(english:\"RHEL 6 : libxml2 (RHSA-2015:2549)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libxml2 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe libxml2 library is a development toolbox providing the\nimplementation of various XML standards.\n\nSeveral denial of service flaws were found in libxml2, a library\nproviding support for reading, modifying, and writing XML and HTML\nfiles. A remote attacker could provide a specially crafted XML or HTML\nfile that, when processed by an application using libxml2, would cause\nthat application to use an excessive amount of CPU, leak potentially\nsensitive information, or in certain cases crash the application.\n(CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499,\nCVE-2015-7500 CVE-2015-7941, CVE-2015-7942, CVE-2015-8241,\nCVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nRed Hat would like to thank the GNOME project for reporting\nCVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500,\nCVE-2015-8241, CVE-2015-8242, and CVE-2015-8317. Upstream acknowledges\nKostya Serebryany of Google as the original reporter of CVE-2015-7497,\nCVE-2015-7498, CVE-2015-7499, and CVE-2015-7500; Hugh Davenport as the\noriginal reporter of CVE-2015-8241 and CVE-2015-8242; and Hanno Boeck\nas the original reporter of CVE-2015-8317.\n\nAll libxml2 users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct these issues. The desktop\nmust be restarted (log out, then log back in) for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7497\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-8241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-8242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-8317\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7941\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2549\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"libxml2-2.7.6-20.el6_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libxml2-debuginfo-2.7.6-20.el6_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libxml2-devel-2.7.6-20.el6_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"libxml2-python-2.7.6-20.el6_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"libxml2-python-2.7.6-20.el6_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libxml2-python-2.7.6-20.el6_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"libxml2-static-2.7.6-20.el6_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"libxml2-static-2.7.6-20.el6_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libxml2-static-2.7.6-20.el6_7.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / libxml2-python / etc\");\n }\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:05:57", "description": "From Red Hat Security Advisory 2015:2549 :\n\nUpdated libxml2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSeveral denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or in certain cases crash the application.\n(CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500 CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nRed Hat would like to thank the GNOME project for reporting CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-8241, CVE-2015-8242, and CVE-2015-8317. Upstream acknowledges Kostya Serebryany of Google as the original reporter of CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, and CVE-2015-7500; Hugh Davenport as the original reporter of CVE-2015-8241 and CVE-2015-8242; and Hanno Boeck as the original reporter of CVE-2015-8317.\n\nAll libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {}, "published": "2015-12-08T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : libxml2 (ELSA-2015-2549)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:libxml2", "p-cpe:/a:oracle:linux:libxml2-devel", "p-cpe:/a:oracle:linux:libxml2-python", "p-cpe:/a:oracle:linux:libxml2-static", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2015-2549.NASL", "href": "https://www.tenable.com/plugins/nessus/87230", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:2549 and \n# Oracle Linux Security Advisory ELSA-2015-2549 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87230);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n script_xref(name:\"RHSA\", value:\"2015:2549\");\n\n script_name(english:\"Oracle Linux 6 : libxml2 (ELSA-2015-2549)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:2549 :\n\nUpdated libxml2 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe libxml2 library is a development toolbox providing the\nimplementation of various XML standards.\n\nSeveral denial of service flaws were found in libxml2, a library\nproviding support for reading, modifying, and writing XML and HTML\nfiles. A remote attacker could provide a specially crafted XML or HTML\nfile that, when processed by an application using libxml2, would cause\nthat application to use an excessive amount of CPU, leak potentially\nsensitive information, or in certain cases crash the application.\n(CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499,\nCVE-2015-7500 CVE-2015-7941, CVE-2015-7942, CVE-2015-8241,\nCVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nRed Hat would like to thank the GNOME project for reporting\nCVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500,\nCVE-2015-8241, CVE-2015-8242, and CVE-2015-8317. Upstream acknowledges\nKostya Serebryany of Google as the original reporter of CVE-2015-7497,\nCVE-2015-7498, CVE-2015-7499, and CVE-2015-7500; Hugh Davenport as the\noriginal reporter of CVE-2015-8241 and CVE-2015-8242; and Hanno Boeck\nas the original reporter of CVE-2015-8317.\n\nAll libxml2 users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct these issues. The desktop\nmust be restarted (log out, then log back in) for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-December/005601.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"libxml2-2.7.6-20.0.1.el6_7.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libxml2-devel-2.7.6-20.0.1.el6_7.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libxml2-python-2.7.6-20.0.1.el6_7.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libxml2-static-2.7.6-20.0.1.el6_7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-devel / libxml2-python / libxml2-static\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:05:05", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - Update doc/redhat.gif in tarball\n\n - Add libxml2-oracle-enterprise.patch and update logos in tarball\n\n - Fix a series of CVEs (rhbz#1286495)\n\n - CVE-2015-7941 Cleanup conditional section error handling\n\n - CVE-2015-8317 Fail parsing early on if encoding conversion failed\n\n - CVE-2015-7942 Another variation of overflow in Conditional sections\n\n - CVE-2015-7942 Fix an error in previous Conditional section patch\n\n - Fix parsing short unclosed comment uninitialized access\n\n - CVE-2015-7498 Avoid processing entities after encoding conversion failures\n\n - CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey\n\n - CVE-2015-5312 Another entity expansion issue\n\n - CVE-2015-7499 Add xmlHaltParser to stop the parser\n\n - CVE-2015-7499 Detect incoherency on GROW\n\n - CVE-2015-7500 Fix memory access error due to incorrect entities boundaries\n\n - CVE-2015-8242 Buffer overead with HTML parser in push mode\n\n - Libxml violates the zlib interface and crashes", "cvss3": {}, "published": "2015-12-08T00:00:00", "type": "nessus", "title": "OracleVM 3.3 : libxml2 (OVMSA-2015-0152)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:libxml2", "p-cpe:/a:oracle:vm:libxml2-python", "cpe:/o:oracle:vm_server:3.3"], "id": "ORACLEVM_OVMSA-2015-0152.NASL", "href": "https://www.tenable.com/plugins/nessus/87232", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2015-0152.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87232);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n\n script_name(english:\"OracleVM 3.3 : libxml2 (OVMSA-2015-0152)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Update doc/redhat.gif in tarball\n\n - Add libxml2-oracle-enterprise.patch and update logos in\n tarball\n\n - Fix a series of CVEs (rhbz#1286495)\n\n - CVE-2015-7941 Cleanup conditional section error handling\n\n - CVE-2015-8317 Fail parsing early on if encoding\n conversion failed\n\n - CVE-2015-7942 Another variation of overflow in\n Conditional sections\n\n - CVE-2015-7942 Fix an error in previous Conditional\n section patch\n\n - Fix parsing short unclosed comment uninitialized access\n\n - CVE-2015-7498 Avoid processing entities after encoding\n conversion failures\n\n - CVE-2015-7497 Avoid an heap buffer overflow in\n xmlDictComputeFastQKey\n\n - CVE-2015-5312 Another entity expansion issue\n\n - CVE-2015-7499 Add xmlHaltParser to stop the parser\n\n - CVE-2015-7499 Detect incoherency on GROW\n\n - CVE-2015-7500 Fix memory access error due to incorrect\n entities boundaries\n\n - CVE-2015-8242 Buffer overead with HTML parser in push\n mode\n\n - Libxml violates the zlib interface and crashes\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2015-December/000399.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1268d569\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 / libxml2-python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"libxml2-2.7.6-20.0.1.el6_7.1\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"libxml2-python-2.7.6-20.0.1.el6_7.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-python\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:22:28", "description": "A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information.(CVE-2015-8242)\n\nA denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.(CVE-2015-7500)\n\nA denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information.(CVE-2015-8317)\n\nA denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.(CVE-2015-7497)\n\nA denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.(CVE-2015-7498)\n\nA denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory.(CVE-2015-1819)\n\nA denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.(CVE-2015-7941)\n\nA denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information.(CVE-2015-7499)\n\nA denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information.(CVE-2015-8241)\n\nA denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU.(CVE-2015-5312)\n\nA heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash causing a denial of service.(CVE-2015-7942)\n\nIt was discovered that libxml2 could access out-of-bounds memory when parsing unclosed HTML comments. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to disclose heap memory contents.(CVE-2015-8710)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-31T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : libxml2 (ALAS-2019-1220)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317", "CVE-2015-8710"], "modified": "2020-01-13T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libxml2", "p-cpe:/a:amazon:linux:libxml2-debuginfo", "p-cpe:/a:amazon:linux:libxml2-devel", "p-cpe:/a:amazon:linux:libxml2-python", "p-cpe:/a:amazon:linux:libxml2-static", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1220.NASL", "href": "https://www.tenable.com/plugins/nessus/125603", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1220.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125603);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/13\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\", \"CVE-2015-8710\");\n script_xref(name:\"ALAS\", value:\"2019-1220\");\n\n script_name(english:\"Amazon Linux 2 : libxml2 (ALAS-2019-1220)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in libxml2. A remote attacker could\nprovide a specially crafted XML or HTML file that, when processed by\nan application using libxml2, would cause that application to leak\npotentially sensitive information.(CVE-2015-8242)\n\nA denial of service flaw was found in libxml2. A remote attacker could\nprovide a specially crafted XML or HTML file that, when processed by\nan application using libxml2, would cause that application to\ncrash.(CVE-2015-7500)\n\nA denial of service flaw was found in libxml2. A remote attacker could\nprovide a specially crafted XML or HTML file that, when processed by\nan application using libxml2, would cause that application to leak\npotentially sensitive information.(CVE-2015-8317)\n\nA denial of service flaw was found in libxml2. A remote attacker could\nprovide a specially crafted XML or HTML file that, when processed by\nan application using libxml2, would cause that application to\ncrash.(CVE-2015-7497)\n\nA denial of service flaw was found in libxml2. A remote attacker could\nprovide a specially crafted XML or HTML file that, when processed by\nan application using libxml2, would cause that application to\ncrash.(CVE-2015-7498)\n\nA denial of service flaw was found in the way the libxml2 library\nparsed certain XML files. An attacker could provide a specially\ncrafted XML file that, when parsed by an application using libxml2,\ncould cause that application to use an excessive amount of\nmemory.(CVE-2015-1819)\n\nA denial of service flaw was found in libxml2. A remote attacker could\nprovide a specially crafted XML or HTML file that, when processed by\nan application using libxml2, would cause that application to\ncrash.(CVE-2015-7941)\n\nA denial of service flaw was found in libxml2. A remote attacker could\nprovide a specially crafted XML or HTML file that, when processed by\nan application using libxml2, would cause that application to leak\npotentially sensitive information.(CVE-2015-7499)\n\nA denial of service flaw was found in libxml2. A remote attacker could\nprovide a specially crafted XML or HTML file that, when processed by\nan application using libxml2, would cause that application to leak\npotentially sensitive information.(CVE-2015-8241)\n\nA denial of service flaw was found in libxml2. A remote attacker could\nprovide a specially crafted XML or HTML file that, when processed by\nan application using libxml2, would cause that application to use an\nexcessive amount of CPU.(CVE-2015-5312)\n\nA heap-based buffer overflow flaw was found in the way libxml2 parsed\ncertain crafted XML input. A remote attacker could provide a specially\ncrafted XML file that, when opened in an application linked against\nlibxml2, would cause the application to crash causing a denial of\nservice.(CVE-2015-7942)\n\nIt was discovered that libxml2 could access out-of-bounds memory when\nparsing unclosed HTML comments. A remote attacker could provide a\nspecially crafted XML file that, when processed by an application\nlinked against libxml2, could cause the application to disclose heap\nmemory contents.(CVE-2015-8710)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1220.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update libxml2' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"libxml2-2.9.1-6.amzn2.3.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libxml2-debuginfo-2.9.1-6.amzn2.3.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libxml2-devel-2.9.1-6.amzn2.3.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libxml2-python-2.9.1-6.amzn2.3.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libxml2-static-2.9.1-6.amzn2.3.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / libxml2-python / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:04:56", "description": "Updated libxml2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSeveral denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or in certain cases crash the application.\n(CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500 CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nRed Hat would like to thank the GNOME project for reporting CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-8241, CVE-2015-8242, and CVE-2015-8317. Upstream acknowledges Kostya Serebryany of Google as the original reporter of CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, and CVE-2015-7500; Hugh Davenport as the original reporter of CVE-2015-8241 and CVE-2015-8242; and Hanno Boeck as the original reporter of CVE-2015-8317. The CVE-2015-1819 issue was discovered by Florian Weimer of Red Hat Product Security.\n\nAll libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-08T00:00:00", "type": "nessus", "title": "RHEL 7 : libxml2 (RHSA-2015:2550)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317", "CVE-2015-8710"], "modified": "2020-04-08T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libxml2", "p-cpe:/a:redhat:enterprise_linux:libxml2-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libxml2-devel", "p-cpe:/a:redhat:enterprise_linux:libxml2-python", "p-cpe:/a:redhat:enterprise_linux:libxml2-static", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2015-2550.NASL", "href": "https://www.tenable.com/plugins/nessus/87234", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2550. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87234);\n script_version(\"2.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/08\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\", \"CVE-2015-8710\");\n script_xref(name:\"RHSA\", value:\"2015:2550\");\n\n script_name(english:\"RHEL 7 : libxml2 (RHSA-2015:2550)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libxml2 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe libxml2 library is a development toolbox providing the\nimplementation of various XML standards.\n\nSeveral denial of service flaws were found in libxml2, a library\nproviding support for reading, modifying, and writing XML and HTML\nfiles. A remote attacker could provide a specially crafted XML or HTML\nfile that, when processed by an application using libxml2, would cause\nthat application to use an excessive amount of CPU, leak potentially\nsensitive information, or in certain cases crash the application.\n(CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498,\nCVE-2015-7499, CVE-2015-7500 CVE-2015-7941, CVE-2015-7942,\nCVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nRed Hat would like to thank the GNOME project for reporting\nCVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500,\nCVE-2015-8241, CVE-2015-8242, and CVE-2015-8317. Upstream acknowledges\nKostya Serebryany of Google as the original reporter of CVE-2015-7497,\nCVE-2015-7498, CVE-2015-7499, and CVE-2015-7500; Hugh Davenport as the\noriginal reporter of CVE-2015-8241 and CVE-2015-8242; and Hanno Boeck\nas the original reporter of CVE-2015-8317. The CVE-2015-1819 issue was\ndiscovered by Florian Weimer of Red Hat Product Security.\n\nAll libxml2 users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct these issues. The desktop\nmust be restarted (log out, then log back in) for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2550\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1819\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7497\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7941\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-8241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-8242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-8317\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-8710\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2550\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"libxml2-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxml2-debuginfo-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxml2-devel-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libxml2-python-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libxml2-python-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libxml2-static-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / libxml2-python / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:05:07", "description": "From Red Hat Security Advisory 2015:2550 :\n\nUpdated libxml2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSeveral denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or in certain cases crash the application.\n(CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500 CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nRed Hat would like to thank the GNOME project for reporting CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-8241, CVE-2015-8242, and CVE-2015-8317. Upstream acknowledges Kostya Serebryany of Google as the original reporter of CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, and CVE-2015-7500; Hugh Davenport as the original reporter of CVE-2015-8241 and CVE-2015-8242; and Hanno Boeck as the original reporter of CVE-2015-8317. The CVE-2015-1819 issue was discovered by Florian Weimer of Red Hat Product Security.\n\nAll libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-08T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : libxml2 (ELSA-2015-2550)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317", "CVE-2015-8710"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:libxml2", "p-cpe:/a:oracle:linux:libxml2-devel", "p-cpe:/a:oracle:linux:libxml2-python", "p-cpe:/a:oracle:linux:libxml2-static", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2015-2550.NASL", "href": "https://www.tenable.com/plugins/nessus/87231", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:2550 and \n# Oracle Linux Security Advisory ELSA-2015-2550 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87231);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\", \"CVE-2015-8710\");\n script_xref(name:\"RHSA\", value:\"2015:2550\");\n\n script_name(english:\"Oracle Linux 7 : libxml2 (ELSA-2015-2550)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:2550 :\n\nUpdated libxml2 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe libxml2 library is a development toolbox providing the\nimplementation of various XML standards.\n\nSeveral denial of service flaws were found in libxml2, a library\nproviding support for reading, modifying, and writing XML and HTML\nfiles. A remote attacker could provide a specially crafted XML or HTML\nfile that, when processed by an application using libxml2, would cause\nthat application to use an excessive amount of CPU, leak potentially\nsensitive information, or in certain cases crash the application.\n(CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498,\nCVE-2015-7499, CVE-2015-7500 CVE-2015-7941, CVE-2015-7942,\nCVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nRed Hat would like to thank the GNOME project for reporting\nCVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500,\nCVE-2015-8241, CVE-2015-8242, and CVE-2015-8317. Upstream acknowledges\nKostya Serebryany of Google as the original reporter of CVE-2015-7497,\nCVE-2015-7498, CVE-2015-7499, and CVE-2015-7500; Hugh Davenport as the\noriginal reporter of CVE-2015-8241 and CVE-2015-8242; and Hanno Boeck\nas the original reporter of CVE-2015-8317. The CVE-2015-1819 issue was\ndiscovered by Florian Weimer of Red Hat Product Security.\n\nAll libxml2 users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct these issues. The desktop\nmust be restarted (log out, then log back in) for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-December/005600.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8710\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libxml2-2.9.1-6.0.1.el7_2.2\", el_string:\"el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libxml2-devel-2.9.1-6.0.1.el7_2.2\", el_string:\"el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libxml2-python-2.9.1-6.0.1.el7_2.2\", el_string:\"el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libxml2-static-2.9.1-6.0.1.el7_2.2\", el_string:\"el7_2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-devel / libxml2-python / libxml2-static\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:04:57", "description": "Updated libxml2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSeveral denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or in certain cases crash the application.\n(CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500 CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nRed Hat would like to thank the GNOME project for reporting CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-8241, CVE-2015-8242, and CVE-2015-8317. Upstream acknowledges Kostya Serebryany of Google as the original reporter of CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, and CVE-2015-7500; Hugh Davenport as the original reporter of CVE-2015-8241 and CVE-2015-8242; and Hanno Boeck as the original reporter of CVE-2015-8317. The CVE-2015-1819 issue was discovered by Florian Weimer of Red Hat Product Security.\n\nAll libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-08T00:00:00", "type": "nessus", "title": "CentOS 7 : libxml2 (CESA-2015:2550)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317", "CVE-2015-8710"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libxml2", "p-cpe:/a:centos:centos:libxml2-devel", "p-cpe:/a:centos:centos:libxml2-python", "p-cpe:/a:centos:centos:libxml2-static", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2015-2550.NASL", "href": "https://www.tenable.com/plugins/nessus/87224", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2550 and \n# CentOS Errata and Security Advisory 2015:2550 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87224);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\", \"CVE-2015-8710\");\n script_xref(name:\"RHSA\", value:\"2015:2550\");\n\n script_name(english:\"CentOS 7 : libxml2 (CESA-2015:2550)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libxml2 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe libxml2 library is a development toolbox providing the\nimplementation of various XML standards.\n\nSeveral denial of service flaws were found in libxml2, a library\nproviding support for reading, modifying, and writing XML and HTML\nfiles. A remote attacker could provide a specially crafted XML or HTML\nfile that, when processed by an application using libxml2, would cause\nthat application to use an excessive amount of CPU, leak potentially\nsensitive information, or in certain cases crash the application.\n(CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498,\nCVE-2015-7499, CVE-2015-7500 CVE-2015-7941, CVE-2015-7942,\nCVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955)\n\nRed Hat would like to thank the GNOME project for reporting\nCVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500,\nCVE-2015-8241, CVE-2015-8242, and CVE-2015-8317. Upstream acknowledges\nKostya Serebryany of Google as the original reporter of CVE-2015-7497,\nCVE-2015-7498, CVE-2015-7499, and CVE-2015-7500; Hugh Davenport as the\noriginal reporter of CVE-2015-8241 and CVE-2015-8242; and Hanno Boeck\nas the original reporter of CVE-2015-8317. The CVE-2015-1819 issue was\ndiscovered by Florian Weimer of Red Hat Product Security.\n\nAll libxml2 users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct these issues. The desktop\nmust be restarted (log out, then log back in) for this update to take\neffect.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2015-December/002730.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?29b52cd4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8710\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libxml2-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libxml2-devel-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libxml2-python-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libxml2-static-2.9.1-6.el7_2.2\", el_string:\"el7_2\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-devel / libxml2-python / libxml2-static\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T16:30:00", "description": "- security update: This update fixes the following security issues :\n\n - CVE-2015-1819 Enforce the reader to run in constant memory [bnc#928193]\n\n - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors [bnc#951734]\n\n - CVE-2015-7942 Fix another variation of overflow in Conditional sections [bnc#951735]\n\n - CVE-2015-8241 Avoid extra processing of MarkupDecl when EOF [bnc#956018]\n\n - CVE-2015-8242 Buffer overead with HTML parser in push mode [bnc#956021]\n\n - CVE-2015-8317 Return if the encoding declaration is broken or encoding conversion failed [bnc#956260]\n\n - CVE-2015-5312 Fix another entity expansion issue [bnc#957105]\n\n - CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey [bnc#957106]\n\n - CVE-2015-7498 Processes entities after encoding conversion failures [bnc#957107]\n\n - CVE-2015-7499 Add xmlHaltParser() to stop the parser / Detect incoherency on GROW [bnc#957109]\n\n - CVE-2015-8317 Multiple out-of-bound read could lead to denial of service [bnc#956260]\n\n - CVE-2015-8035 DoS when parsing specially crafted XML document if XZ support is enabled [bnc#954429]\n\n - CVE-2015-7500 Fix memory access error due to incorrect entities boundaries [bnc#957110] This update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {}, "published": "2016-01-25T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libxml2 (openSUSE-2016-32)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libxml2-2", "p-cpe:/a:novell:opensuse:libxml2-2-32bit", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libxml2-debugsource", "p-cpe:/a:novell:opensuse:libxml2-devel", "p-cpe:/a:novell:opensuse:libxml2-devel-32bit", "p-cpe:/a:novell:opensuse:libxml2-tools", "p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2", "p-cpe:/a:novell:opensuse:python-libxml2-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2-debugsource", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-32.NASL", "href": "https://www.tenable.com/plugins/nessus/88122", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-32.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88122);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n\n script_name(english:\"openSUSE Security Update : libxml2 (openSUSE-2016-32)\");\n script_summary(english:\"Check for the openSUSE-2016-32 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - security update: This update fixes the following\n security issues :\n\n - CVE-2015-1819 Enforce the reader to run in constant\n memory [bnc#928193]\n\n - CVE-2015-7941 Fix out of bound read with crafted xml\n input by stopping parsing on entities boundaries errors\n [bnc#951734]\n\n - CVE-2015-7942 Fix another variation of overflow in\n Conditional sections [bnc#951735]\n\n - CVE-2015-8241 Avoid extra processing of MarkupDecl when\n EOF [bnc#956018]\n\n - CVE-2015-8242 Buffer overead with HTML parser in push\n mode [bnc#956021]\n\n - CVE-2015-8317 Return if the encoding declaration is\n broken or encoding conversion failed [bnc#956260]\n\n - CVE-2015-5312 Fix another entity expansion issue\n [bnc#957105]\n\n - CVE-2015-7497 Avoid an heap buffer overflow in\n xmlDictComputeFastQKey [bnc#957106]\n\n - CVE-2015-7498 Processes entities after encoding\n conversion failures [bnc#957107]\n\n - CVE-2015-7499 Add xmlHaltParser() to stop the parser /\n Detect incoherency on GROW [bnc#957109]\n\n - CVE-2015-8317 Multiple out-of-bound read could lead to\n denial of service [bnc#956260]\n\n - CVE-2015-8035 DoS when parsing specially crafted XML\n document if XZ support is enabled [bnc#954429]\n\n - CVE-2015-7500 Fix memory access error due to incorrect\n entities boundaries [bnc#957110] This update was\n imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=928193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957110\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-2-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-2-debuginfo-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-debugsource-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-devel-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-tools-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libxml2-tools-debuginfo-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-libxml2-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-libxml2-debuginfo-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-libxml2-debugsource-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.1-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libxml2-devel-32bit-2.9.1-10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2-2 / libxml2-2-32bit / libxml2-2-debuginfo / etc\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T16:28:38", "description": "- security update: This update fixes the following security issues :\n\n - CVE-2015-1819 Enforce the reader to run in constant memory [bnc#928193]\n\n - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors [bnc#951734]\n\n - CVE-2015-7942 Fix another variation of overflow in Conditional sections [bnc#951735]\n\n - CVE-2015-8241 Avoid extra processing of MarkupDecl when EOF [bnc#956018]\n\n - CVE-2015-8242 Buffer overead with HTML parser in push mode [bnc#956021]\n\n - CVE-2015-8317 Return if the encoding declaration is broken or encoding conversion failed [bnc#956260]\n\n - CVE-2015-5312 Fix another entity expansion issue [bnc#957105]\n\n - CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey [bnc#957106]\n\n - CVE-2015-7498 Processes entities after encoding conversion failures [bnc#957107]\n\n - CVE-2015-7499 Add xmlHaltParser() to stop the parser / Detect incoherency on GROW [bnc#957109]\n\n - CVE-2015-8317 Multiple out-of-bound read could lead to denial of service [bnc#956260]\n\n - CVE-2015-8035 DoS when parsing specially crafted XML document if XZ support is enabled [bnc#954429]\n\n - CVE-2015-7500 Fix memory access error due to incorrect entities boundaries [bnc#957110]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-01-12T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2016:0049-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libxml2", "p-cpe:/a:novell:suse_linux:libxml2-2", "p-cpe:/a:novell:suse_linux:libxml2-2-debuginfo", "p-cpe:/a:novell:suse_linux:libxml2-debugsource", "p-cpe:/a:novell:suse_linux:libxml2-tools", "p-cpe:/a:novell:suse_linux:libxml2-tools-debuginfo", "p-cpe:/a:novell:suse_linux:python-libxml2", "p-cpe:/a:novell:suse_linux:python-libxml2-debuginfo", "p-cpe:/a:novell:suse_linux:python-libxml2-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-0049-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87865", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:0049-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87865);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n script_bugtraq_id(75570);\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2016:0049-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - security update: This update fixes the following\n security issues :\n\n - CVE-2015-1819 Enforce the reader to run in constant\n memory [bnc#928193]\n\n - CVE-2015-7941 Fix out of bound read with crafted xml\n input by stopping parsing on entities boundaries errors\n [bnc#951734]\n\n - CVE-2015-7942 Fix another variation of overflow in\n Conditional sections [bnc#951735]\n\n - CVE-2015-8241 Avoid extra processing of MarkupDecl when\n EOF [bnc#956018]\n\n - CVE-2015-8242 Buffer overead with HTML parser in push\n mode [bnc#956021]\n\n - CVE-2015-8317 Return if the encoding declaration is\n broken or encoding conversion failed [bnc#956260]\n\n - CVE-2015-5312 Fix another entity expansion issue\n [bnc#957105]\n\n - CVE-2015-7497 Avoid an heap buffer overflow in\n xmlDictComputeFastQKey [bnc#957106]\n\n - CVE-2015-7498 Processes entities after encoding\n conversion failures [bnc#957107]\n\n - CVE-2015-7499 Add xmlHaltParser() to stop the parser /\n Detect incoherency on GROW [bnc#957109]\n\n - CVE-2015-8317 Multiple out-of-bound read could lead to\n denial of service [bnc#956260]\n\n - CVE-2015-8035 DoS when parsing specially crafted XML\n document if XZ support is enabled [bnc#954429]\n\n - CVE-2015-7500 Fix memory access error due to incorrect\n entities boundaries [bnc#957110]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=928193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-1819/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5312/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7497/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7498/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7499/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7500/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7941/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7942/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8035/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8241/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8242/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8317/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20160049-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4cc8f2f2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP1-2016-38=1\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2016-38=1\n\nSUSE Linux Enterprise Server 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-38=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2016-38=1\n\nSUSE Linux Enterprise Desktop 12-SP1 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-38=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2016-38=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-tools-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-tools-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-libxml2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-libxml2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-2-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libxml2-2-debuginfo-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-tools-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-tools-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"python-libxml2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"python-libxml2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"python-libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-2-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libxml2-2-debuginfo-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-tools-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libxml2-tools-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"python-libxml2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"python-libxml2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"python-libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-debugsource-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-tools-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libxml2-tools-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"python-libxml2-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"python-libxml2-debuginfo-2.9.1-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"python-libxml2-debugsource-2.9.1-13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:05:47", "description": "Kostya Serebryany discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499,CVE-2015-7500)\n\nHugh Davenport discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-8241, CVE-2015-8242)\n\nHanno Boeck discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04.\n(CVE-2015-8317).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-15T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libxml2 vulnerabilities (USN-2834-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libxml2", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2834-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87369", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2834-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87369);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n script_xref(name:\"USN\", value:\"2834-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libxml2 vulnerabilities (USN-2834-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Kostya Serebryany discovered that libxml2 incorrectly handled certain\nmalformed documents. If a user or automated system were tricked into\nopening a specially crafted document, an attacker could possibly cause\nlibxml2 to crash, resulting in a denial of service. (CVE-2015-5312,\nCVE-2015-7497, CVE-2015-7498, CVE-2015-7499,CVE-2015-7500)\n\nHugh Davenport discovered that libxml2 incorrectly handled certain\nmalformed documents. If a user or automated system were tricked into\nopening a specially crafted document, an attacker could possibly cause\nlibxml2 to crash, resulting in a denial of service. (CVE-2015-8241,\nCVE-2015-8242)\n\nHanno Boeck discovered that libxml2 incorrectly handled certain\nmalformed documents. If a user or automated system were tricked into\nopening a specially crafted document, an attacker could possibly cause\nlibxml2 to crash, resulting in a denial of service. This issue only\napplied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04.\n(CVE-2015-8317).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2834-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libxml2\", pkgver:\"2.7.8.dfsg-5.1ubuntu4.13\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libxml2\", pkgver:\"2.9.1+dfsg1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libxml2\", pkgver:\"2.9.2+dfsg1-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"libxml2\", pkgver:\"2.9.2+zdfsg1-4ubuntu0.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T16:32:13", "description": "CVE-2015-5312 The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.\n\nCVE-2015-7497 Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.\n\nCVE-2015-7498 Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.\n\nCVE-2015-7499 Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.\n\nCVE-2015-7500 The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.\n\nCVE-2015-7941 libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.\n\nCVE-2015-7942 The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.\n\nCVE-2015-8241 The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.\n\nCVE-2015-8242 The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.\n\nCVE-2015-8317 The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.", "cvss3": {}, "published": "2016-02-16T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Multiple libXML2 vulnerabilities (K61570943)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3660", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-03-10T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL61570943.NASL", "href": "https://www.tenable.com/plugins/nessus/88742", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K61570943.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88742);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/10\");\n\n script_cve_id(\"CVE-2014-3660\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n script_bugtraq_id(70644);\n\n script_name(english:\"F5 Networks BIG-IP : Multiple libXML2 vulnerabilities (K61570943)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"CVE-2015-5312 The xmlStringLenDecodeEntities function in parser.c in\nlibxml2 before 2.9.3 does not properly prevent entity expansion, which\nallows context-dependent attackers to cause a denial of service (CPU\nconsumption) via crafted XML data, a different vulnerability than\nCVE-2014-3660.\n\nCVE-2015-7497 Heap-based buffer overflow in the xmlDictComputeFastQKey\nfunction in dict.c in libxml2 before 2.9.3 allows context-dependent\nattackers to cause a denial of service via unspecified vectors.\n\nCVE-2015-7498 Heap-based buffer overflow in the xmlParseXmlDecl\nfunction in parser.c in libxml2 before 2.9.3 allows context-dependent\nattackers to cause a denial of service via unspecified vectors related\nto extracting errors after an encoding conversion failure.\n\nCVE-2015-7499 Heap-based buffer overflow in the xmlGROW function in\nparser.c in libxml2 before 2.9.3 allows context-dependent attackers to\nobtain sensitive process memory information via unspecified vectors.\n\nCVE-2015-7500 The xmlParseMisc function in parser.c in libxml2 before\n2.9.3 allows context-dependent attackers to cause a denial of service\n(out-of-bounds heap read) via unspecified vectors related to incorrect\nentities boundaries and start tags.\n\nCVE-2015-7941 libxml2 2.9.2 does not properly stop parsing invalid\ninput, which allows context-dependent attackers to cause a denial of\nservice (out-of-bounds read and libxml2 crash) via crafted XML data to\nthe (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function\nin parser.c, as demonstrated by non-terminated entities.\n\nCVE-2015-7942 The xmlParseConditionalSections function in parser.c in\nlibxml2 does not properly skip intermediary entities when it stops\nparsing invalid input, which allows context-dependent attackers to\ncause a denial of service (out-of-bounds read and crash) via crafted\nXML data, a different vulnerability than CVE-2015-7941.\n\nCVE-2015-8241 The xmlNextChar function in libxml2 2.9.2 does not\nproperly check the state, which allows context-dependent attackers to\ncause a denial of service (heap-based buffer over-read and application\ncrash) or obtain sensitive information via crafted XML data.\n\nCVE-2015-8242 The xmlSAX2TextNode function in SAX2.c in the push\ninterface in the HTML parser in libxml2 before 2.9.3 allows\ncontext-dependent attackers to cause a denial of service (stack-based\nbuffer over-read and application crash) or obtain sensitive\ninformation via crafted XML data.\n\nCVE-2015-8317 The xmlParseXMLDecl function in parser.c in libxml2\nbefore 2.9.3 allows context-dependent attackers to obtain sensitive\ninformation via an (1) unterminated encoding value or (2) incomplete\nXML declaration in XML data, which triggers an out-of-bounds heap\nread.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K61570943\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K61570943.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K61570943\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0-11.6.0\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"12.0.0-12.1.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"11.4.0-11.6.0\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"12.0.0-12.1.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.0.0-12.1.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.0.0-12.1.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"12.0.0-12.1.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.0.0-12.1.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.0.0-12.1.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0-11.6.0\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"12.0.0-12.1.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:04:31", "description": "reports :\n\nCVE-2015-5312 Another entity expansion issue (David Drysdale).\n\nCVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey (David Drysdale).\n\nCVE-2015-7498 Avoid processing entities after encoding conversion failures (Daniel Veillard).\n\nCVE-2015-7499 (1) Add xmlHaltParser() to stop the parser (Daniel Veillard).\n\nCVE-2015-7499 (2) Detect incoherency on GROW (Daniel Veillard).\n\nCVE-2015-7500 Fix memory access error due to incorrect entities boundaries (Daniel Veillard).\n\nCVE-2015-7941 (1) Stop parsing on entities boundaries errors (Daniel Veillard).\n\nCVE-2015-7941 (2) Cleanup conditional section error handling (Daniel Veillard).\n\nCVE-2015-7942 Another variation of overflow in Conditional sections (Daniel Veillard).\n\nCVE-2015-7942 (2) Fix an error in previous Conditional section patch (Daniel Veillard).\n\nCVE-2015-8035 Fix XZ compression support loop (Daniel Veillard).\n\nCVE-2015-8242 Buffer overead with HTML parser in push mode (Hugh Davenport)", "cvss3": {}, "published": "2015-11-23T00:00:00", "type": "nessus", "title": "FreeBSD : libxml2 -- multiple vulnerabilities (e5423caf-8fb8-11e5-918c-bcaec565249c)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:libxml2", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_E5423CAF8FB811E5918CBCAEC565249C.NASL", "href": "https://www.tenable.com/plugins/nessus/87000", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87000);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8241\", \"CVE-2015-8242\");\n\n script_name(english:\"FreeBSD : libxml2 -- multiple vulnerabilities (e5423caf-8fb8-11e5-918c-bcaec565249c)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"reports :\n\nCVE-2015-5312 Another entity expansion issue (David Drysdale).\n\nCVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey\n(David Drysdale).\n\nCVE-2015-7498 Avoid processing entities after encoding conversion\nfailures (Daniel Veillard).\n\nCVE-2015-7499 (1) Add xmlHaltParser() to stop the parser (Daniel\nVeillard).\n\nCVE-2015-7499 (2) Detect incoherency on GROW (Daniel Veillard).\n\nCVE-2015-7500 Fix memory access error due to incorrect entities\nboundaries (Daniel Veillard).\n\nCVE-2015-7941 (1) Stop parsing on entities boundaries errors (Daniel\nVeillard).\n\nCVE-2015-7941 (2) Cleanup conditional section error handling (Daniel\nVeillard).\n\nCVE-2015-7942 Another variation of overflow in Conditional sections\n(Daniel Veillard).\n\nCVE-2015-7942 (2) Fix an error in previous Conditional section patch\n(Daniel Veillard).\n\nCVE-2015-8035 Fix XZ compression support loop (Daniel Veillard).\n\nCVE-2015-8242 Buffer overead with HTML parser in push mode (Hugh\nDavenport)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://xmlsoft.org/news.html\"\n );\n # http://www.openwall.com/lists/oss-security/2015/11/18/23\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openwall.com/lists/oss-security/2015/11/18/23\"\n );\n # https://vuxml.freebsd.org/freebsd/e5423caf-8fb8-11e5-918c-bcaec565249c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bf2b1197\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"libxml2<2.9.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T16:33:35", "description": "Very large set of security issues for libxml2 and a bunch of bug fixes too#CVE-2015-8242 #CVE-2015-7500 #CVE-2015-7499 #CVE-2015-5312 #CVE-2015-7498 #CVE-2015-7497 #CVE-2015-1819 #CVE-2015-7941 #CVE-2015-7942 #CVE-2015-8035\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : libxml2-2.9.3-1.fc23 (2015-c24af963a2)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libxml2", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2015-C24AF963A2.NASL", "href": "https://www.tenable.com/plugins/nessus/89394", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-c24af963a2.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89394);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_xref(name:\"FEDORA\", value:\"2015-c24af963a2\");\n\n script_name(english:\"Fedora 23 : libxml2-2.9.3-1.fc23 (2015-c24af963a2)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Very large set of security issues for libxml2 and a bunch of bug fixes\ntoo#CVE-2015-8242 #CVE-2015-7500 #CVE-2015-7499 #CVE-2015-5312\n#CVE-2015-7498 #CVE-2015-7497 #CVE-2015-1819 #CVE-2015-7941\n#CVE-2015-7942 #CVE-2015-8035\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1211278\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?add3c570\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"libxml2-2.9.3-1.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T16:34:42", "description": "Very large set of security issues for libxml2 and a bunch of bug fixes too#CVE-2015-8242 #CVE-2015-7500 #CVE-2015-7499 #CVE-2015-5312 #CVE-2015-7498 #CVE-2015-7497 #CVE-2015-1819 #CVE-2015-7941 #CVE-2015-7942 #CVE-2015-8035\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : libxml2-2.9.3-1.fc22 (2015-037f844d3e)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libxml2", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-037F844D3E.NASL", "href": "https://www.tenable.com/plugins/nessus/89130", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-037f844d3e.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89130);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_xref(name:\"FEDORA\", value:\"2015-037f844d3e\");\n\n script_name(english:\"Fedora 22 : libxml2-2.9.3-1.fc22 (2015-037f844d3e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Very large set of security issues for libxml2 and a bunch of bug fixes\ntoo#CVE-2015-8242 #CVE-2015-7500 #CVE-2015-7499 #CVE-2015-5312\n#CVE-2015-7498 #CVE-2015-7497 #CVE-2015-1819 #CVE-2015-7941\n#CVE-2015-7942 #CVE-2015-8035\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1211278\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f8ecd72e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"libxml2-2.9.3-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T15:04:56", "description": "Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or crash the application.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-29T00:00:00", "type": "nessus", "title": "Debian DSA-3430-1 : libxml2 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8317", "CVE-2015-8710"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml2", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3430.NASL", "href": "https://www.tenable.com/plugins/nessus/87608", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3430. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87608);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8241\", \"CVE-2015-8317\", \"CVE-2015-8710\");\n script_xref(name:\"DSA\", value:\"3430\");\n\n script_name(english:\"Debian DSA-3430-1 : libxml2 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in libxml2, a library\nproviding support to read, modify and write XML and HTML files. A\nremote attacker could provide a specially crafted XML or HTML file\nthat, when processed by an application using libxml2, would cause that\napplication to use an excessive amount of CPU, leak potentially\nsensitive information, or crash the application.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/libxml2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libxml2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3430\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libxml2 packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 2.8.0+dfsg1-7+wheezy5.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 2.9.1+dfsg1-5+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libxml2\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-dbg\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-dev\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-doc\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-utils\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-utils-dbg\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python-libxml2\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python-libxml2-dbg\", reference:\"2.8.0+dfsg1-7+wheezy5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-dbg\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-dev\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-doc\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-utils\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxml2-utils-dbg\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-libxml2\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-libxml2-dbg\", reference:\"2.9.1+dfsg1-5+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:04:53", "description": "- update to 2.9.3\n\n - full changelog: http://www.xmlsoft.org/news.html\n\n - fixed CVEs: CVE-2015-8242, CVE-2015-7500, CVE-2015-7499, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-8035, CVE-2015-7942, CVE-2015-1819, CVE-2015-7941, CVE-2014-3660, CVE-2014-0191, CVE-2015-8241, CVE-2015-8317\n\n - fixed bugs: [bsc#928193], [bsc#951734], [bsc#951735], [bsc#954429], [bsc#956018], [bsc#956021], [bsc#956260], [bsc#957105], [bsc#957106], [bsc#957107], [bsc#957109], [bsc#957110]", "cvss3": {}, "published": "2015-12-29T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libxml2 (openSUSE-2015-959)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0191", "CVE-2014-3660", "CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libxml2-2", "p-cpe:/a:novell:opensuse:libxml2-2-32bit", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo", "p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libxml2-debugsource", "p-cpe:/a:novell:opensuse:libxml2-devel", "p-cpe:/a:novell:opensuse:libxml2-devel-32bit", "p-cpe:/a:novell:opensuse:libxml2-tools", "p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2", "p-cpe:/a:novell:opensuse:python-libxml2-debuginfo", "p-cpe:/a:novell:opensuse:python-libxml2-debugsource", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2015-959.NASL", "href": "https://www.tenable.com/plugins/nessus/87631", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-959.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87631);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0191\", \"CVE-2014-3660\", \"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8241\", \"CVE-2015-8242\", \"CVE-2015-8317\");\n\n script_name(english:\"openSUSE Security Update : libxml2 (openSUSE-2015-959)\");\n script_summary(english:\"Check for the openSUSE-2015-959 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - update to 2.9.3\n\n - full changelog: http://www.xmlsoft.org/news.html\n\n - fixed CVEs: CVE-2015-8242, CVE-2015-7500, CVE-2015-7499,\n CVE-2015-5312, CVE-2015-7497, CVE-2015-7498,\n CVE-2015-8035, CVE-2015-7942, CVE-2015-1819,\n CVE-2015-7941, CVE-2014-3660, CVE-2014-0191,\n CVE-2015-8241, CVE-2015-8317\n\n - fixed bugs: [bsc#928193], [bsc#951734], [bsc#951735],\n [bsc#954429], [bsc#956018], [bsc#956021], [bsc#956260],\n [bsc#957105], [bsc#957106], [bsc#957107], [bsc#957109],\n [bsc#957110]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.xmlsoft.org/news.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=928193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957110\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-libxml2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libxml2-2-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libxml2-2-debuginfo-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libxml2-debugsource-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libxml2-devel-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libxml2-tools-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libxml2-tools-debuginfo-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"python-libxml2-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"python-libxml2-debuginfo-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"python-libxml2-debugsource-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libxml2-devel-32bit-2.9.3-2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-2-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-2-debuginfo-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-debugsource-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-devel-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-tools-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libxml2-tools-debuginfo-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-libxml2-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-libxml2-debuginfo-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-libxml2-debugsource-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libxml2-2-32bit-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libxml2-2-debuginfo-32bit-2.9.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libxml2-devel-32bit-2.9.3-7.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2-2 / libxml2-2-32bit / libxml2-2-debuginfo / etc\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:05:15", "description": "Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or crash the application.\n\nCVE-2015-5312: CPU exhaustion when processing specially crafted XML input. CVE-2015-7497: Heap-based buffer overflow in xmlDictComputeFastQKey. CVE-2015-7498: Heap-based buffer overflow in xmlParseXmlDecl. CVE-2015-7499: Heap-based buffer overflow in xmlGROW.\nCVE-2015-7500: Heap buffer overflow in xmlParseMisc.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-29T00:00:00", "type": "nessus", "title": "Debian DLA-373-1 : libxml2 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml2", "p-cpe:/a:debian:debian_linux:libxml2-dbg", "p-cpe:/a:debian:debian_linux:libxml2-dev", "p-cpe:/a:debian:debian_linux:libxml2-doc", "p-cpe:/a:debian:debian_linux:libxml2-utils", "p-cpe:/a:debian:debian_linux:python-libxml2", "p-cpe:/a:debian:debian_linux:python-libxml2-dbg", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-373.NASL", "href": "https://www.tenable.com/plugins/nessus/87605", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-373-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87605);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\");\n\n script_name(english:\"Debian DLA-373-1 : libxml2 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in libxml2, a library\nproviding support to read, modify and write XML and HTML files. A\nremote attacker could provide a specially crafted XML or HTML file\nthat, when processed by an application using libxml2, would cause that\napplication to use an excessive amount of CPU, leak potentially\nsensitive information, or crash the application.\n\nCVE-2015-5312: CPU exhaustion when processing specially crafted XML\ninput. CVE-2015-7497: Heap-based buffer overflow in\nxmlDictComputeFastQKey. CVE-2015-7498: Heap-based buffer overflow in\nxmlParseXmlDecl. CVE-2015-7499: Heap-based buffer overflow in xmlGROW.\nCVE-2015-7500: Heap buffer overflow in xmlParseMisc.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/12/msg00015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/libxml2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libxml2\", reference:\"2.7.8.dfsg-2+squeeze16\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-dbg\", reference:\"2.7.8.dfsg-2+squeeze16\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-dev\", reference:\"2.7.8.dfsg-2+squeeze16\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-doc\", reference:\"2.7.8.dfsg-2+squeeze16\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-utils\", reference:\"2.7.8.dfsg-2+squeeze16\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"python-libxml2\", reference:\"2.7.8.dfsg-2+squeeze16\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"python-libxml2-dbg\", reference:\"2.7.8.dfsg-2+squeeze16\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:04:38", "description": "CVE-2015-8241 Buffer overread with XML parser in xmlNextChar\n\nCVE-2015-8317\n\n - issues in the xmlParseXMLDecl function: If we fail conversing the current input stream while processing the encoding declaration of the XMLDecl then it's safer to just abort there and not try to report further errors.\n\n - If the string is not properly terminated do not try to convert to the given encoding.\n\nAdditional fix for off by one error in previous patch for CVE-2015-7942 (thanks to Salvatore for spotting this)\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-11-30T00:00:00", "type": "nessus", "title": "Debian DLA-355-1 : libxml2 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8317"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml2", "p-cpe:/a:debian:debian_linux:libxml2-dbg", "p-cpe:/a:debian:debian_linux:libxml2-dev", "p-cpe:/a:debian:debian_linux:libxml2-doc", "p-cpe:/a:debian:debian_linux:libxml2-utils", "p-cpe:/a:debian:debian_linux:python-libxml2", "p-cpe:/a:debian:debian_linux:python-libxml2-dbg", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-355.NASL", "href": "https://www.tenable.com/plugins/nessus/87076", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-355-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87076);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-8241\", \"CVE-2015-8317\");\n\n script_name(english:\"Debian DLA-355-1 : libxml2 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2015-8241 Buffer overread with XML parser in xmlNextChar\n\nCVE-2015-8317\n\n - issues in the xmlParseXMLDecl function: If we fail\n conversing the current input stream while processing the\n encoding declaration of the XMLDecl then it's safer to\n just abort there and not try to report further errors.\n\n - If the string is not properly terminated do not try to\n convert to the given encoding.\n\nAdditional fix for off by one error in previous patch for\nCVE-2015-7942 (thanks to Salvatore for spotting this)\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/11/msg00016.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/libxml2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libxml2\", reference:\"2.7.8.dfsg-2+squeeze15\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-dbg\", reference:\"2.7.8.dfsg-2+squeeze15\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-dev\", reference:\"2.7.8.dfsg-2+squeeze15\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-doc\", reference:\"2.7.8.dfsg-2+squeeze15\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-utils\", reference:\"2.7.8.dfsg-2+squeeze15\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"python-libxml2\", reference:\"2.7.8.dfsg-2+squeeze15\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"python-libxml2-dbg\", reference:\"2.7.8.dfsg-2+squeeze15\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2023-01-11T16:32:11", "description": "The remote AIX host has a version of libxml2 installed that is affected by the following vulnerabilities :\n\n - A heap-based buffer overflow condition exists in the xmlParseEntityDecl() and xmlParseConditionalSections() functions within file parser.c due to a failure to properly stop parsing invalid input. An unauthenticated, remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition or potentially disclose sensitive memory contents.\n (CVE-2015-7941)\n\n - A heap-based buffer overflow condition exists in the xmlParseConditionalSections() function within file parser.c due to not properly skipping intermediary entities. An unauthenticated, remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition. (CVE-2015-7942)\n\n - A buffer overflow condition exists in the xmlNextChar() function due to improper bounds checking. A local attacker can exploit this, via a malformed XML file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-8241)", "cvss3": {}, "published": "2016-02-23T00:00:00", "type": "nessus", "title": "AIX 6.1 TL 9 : libxml2 (IV80588)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:6.1"], "id": "AIX_IV80588.NASL", "href": "https://www.tenable.com/plugins/nessus/88883", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88883);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2015-7941\",\n \"CVE-2015-7942\",\n \"CVE-2015-8241\"\n );\n script_bugtraq_id(\n 74241,\n 77621,\n 79507\n );\n\n script_name(english:\"AIX 6.1 TL 9 : libxml2 (IV80588)\");\n script_summary(english:\"Checks the version of the libxml2 packages and iFixes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AIX host has a version of libxml2 installed that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AIX host has a version of libxml2 installed that is\naffected by the following vulnerabilities :\n\n - A heap-based buffer overflow condition exists in the\n xmlParseEntityDecl() and xmlParseConditionalSections()\n functions within file parser.c due to a failure to\n properly stop parsing invalid input. An unauthenticated,\n remote attacker can exploit this, via specially crafted\n XML data, to cause a denial of service condition or\n potentially disclose sensitive memory contents.\n (CVE-2015-7941)\n\n - A heap-based buffer overflow condition exists in the\n xmlParseConditionalSections() function within file\n parser.c due to not properly skipping intermediary\n entities. An unauthenticated, remote attacker can\n exploit this, via specially crafted XML data, to cause a\n denial of service condition. (CVE-2015-7942)\n\n - A buffer overflow condition exists in the xmlNextChar()\n function due to improper bounds checking. A local\n attacker can exploit this, via a malformed XML file, to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2015-8241)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://aix.software.ibm.com/aix/efixes/security/libxml2_advisory2.asc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install the appropriate interim fix.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:6.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"AIX Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\noslevel = get_kb_item(\"Host/AIX/version\");\nif (isnull(oslevel)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nif ( oslevel != \"AIX-6.1\" )\n{\n oslevel = ereg_replace(string:oslevel, pattern:\"-\", replace:\" \");\n audit(AUDIT_OS_NOT, \"AIX 6.1\", oslevel);\n}\n\noslevelcomplete = chomp(get_kb_item(\"Host/AIX/oslevelsp\"));\nif (isnull(oslevelcomplete)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\noslevelparts = split(oslevelcomplete, sep:'-', keep:0);\nif ( max_index(oslevelparts) != 4 ) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nml = oslevelparts[1];\nversion_report = \"AIX \" + oslevel + \" ML \" + ml;\nif ( ml != \"09\")\n{\n audit(AUDIT_OS_NOT, \"ML 09\", version_report);\n}\n\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This AIX package check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"6.1\", ml:\"09\", patch:\"IV80588s6a\", package:\"bos.rte.control\", minfilesetver:\"6.1.9.0\", maxfilesetver:\"6.1.9.100\") < 0) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : aix_report_get()\n );\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bos.rte.control\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T16:32:27", "description": "The remote AIX host has a version of libxml2 installed that is affected by the following vulnerabilities :\n\n - A heap-based buffer overflow condition exists in the xmlParseEntityDecl() and xmlParseConditionalSections() functions within file parser.c due to a failure to properly stop parsing invalid input. An unauthenticated, remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition or potentially disclose sensitive memory contents.\n (CVE-2015-7941)\n\n - A heap-based buffer overflow condition exists in the xmlParseConditionalSections() function within file parser.c due to not properly skipping intermediary entities. An unauthenticated, remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition. (CVE-2015-7942)\n\n - A buffer overflow condition exists in the xmlNextChar() function due to improper bounds checking. A local attacker can exploit this, via a malformed XML file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-8241)", "cvss3": {}, "published": "2016-02-23T00:00:00", "type": "nessus", "title": "AIX 5.3 TL 12 : libxml2 (IV80617)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:5.3"], "id": "AIX_IV80617.NASL", "href": "https://www.tenable.com/plugins/nessus/88885", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88885);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2015-7941\",\n \"CVE-2015-7942\",\n \"CVE-2015-8241\"\n );\n script_bugtraq_id(\n 74241,\n 77621,\n 79507\n );\n\n script_name(english:\"AIX 5.3 TL 12 : libxml2 (IV80617)\");\n script_summary(english:\"Checks the version of the libxml2 packages and iFixes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AIX host has a version of libxml2 installed that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AIX host has a version of libxml2 installed that is\naffected by the following vulnerabilities :\n\n - A heap-based buffer overflow condition exists in the\n xmlParseEntityDecl() and xmlParseConditionalSections()\n functions within file parser.c due to a failure to\n properly stop parsing invalid input. An unauthenticated,\n remote attacker can exploit this, via specially crafted\n XML data, to cause a denial of service condition or\n potentially disclose sensitive memory contents.\n (CVE-2015-7941)\n\n - A heap-based buffer overflow condition exists in the\n xmlParseConditionalSections() function within file\n parser.c due to not properly skipping intermediary\n entities. An unauthenticated, remote attacker can\n exploit this, via specially crafted XML data, to cause a\n denial of service condition. (CVE-2015-7942)\n\n - A buffer overflow condition exists in the xmlNextChar()\n function due to improper bounds checking. A local\n attacker can exploit this, via a malformed XML file, to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2015-8241)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://aix.software.ibm.com/aix/efixes/security/libxml2_advisory2.asc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install the appropriate interim fix.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:5.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"AIX Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\noslevel = get_kb_item(\"Host/AIX/version\");\nif (isnull(oslevel)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nif ( oslevel != \"AIX-5.3\" )\n{\n oslevel = ereg_replace(string:oslevel, pattern:\"-\", replace:\" \");\n audit(AUDIT_OS_NOT, \"AIX 5.3\", oslevel);\n}\n\noslevelcomplete = chomp(get_kb_item(\"Host/AIX/oslevelsp\"));\nif (isnull(oslevelcomplete)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\noslevelparts = split(oslevelcomplete, sep:'-', keep:0);\nif ( max_index(oslevelparts) != 4 ) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nml = oslevelparts[1];\nversion_report = \"AIX \" + oslevel + \" ML \" + ml;\nif ( ml != \"12\")\n{\n audit(AUDIT_OS_NOT, \"ML 12\", version_report);\n}\n\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This AIX package check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"5.3\", ml:\"12\", patch:\"IV80617s9a\", package:\"bos.rte.control\", minfilesetver:\"5.3.12.0\", maxfilesetver:\"5.3.12.9\") < 0) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : aix_report_get()\n );\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bos.rte.control\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T16:31:52", "description": "The remote AIX host has a version of libxml2 installed that is affected by the following vulnerabilities :\n\n - A heap-based buffer overflow condition exists in the xmlParseEntityDecl() and xmlParseConditionalSections() functions within file parser.c due to a failure to properly stop parsing invalid input. An unauthenticated, remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition or potentially disclose sensitive memory contents.\n (CVE-2015-7941)\n\n - A heap-based buffer overflow condition exists in the xmlParseConditionalSections() function within file parser.c due to not properly skipping intermediary entities. An unauthenticated, remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition. (CVE-2015-7942)\n\n - A buffer overflow condition exists in the xmlNextChar() function due to improper bounds checking. A local attacker can exploit this, via a malformed XML file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-8241)", "cvss3": {}, "published": "2016-02-23T00:00:00", "type": "nessus", "title": "AIX 7.1 TL 3 : libxml2 (IV80586)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IV80586.NASL", "href": "https://www.tenable.com/plugins/nessus/88882", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88882);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2015-7941\",\n \"CVE-2015-7942\",\n \"CVE-2015-8241\"\n );\n script_bugtraq_id(\n 74241,\n 77621,\n 79507\n );\n\n script_name(english:\"AIX 7.1 TL 3 : libxml2 (IV80586)\");\n script_summary(english:\"Checks the version of the libxml2 packages and iFixes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AIX host has a version of libxml2 installed that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AIX host has a version of libxml2 installed that is\naffected by the following vulnerabilities :\n\n - A heap-based buffer overflow condition exists in the\n xmlParseEntityDecl() and xmlParseConditionalSections()\n functions within file parser.c due to a failure to\n properly stop parsing invalid input. An unauthenticated,\n remote attacker can exploit this, via specially crafted\n XML data, to cause a denial of service condition or\n potentially disclose sensitive memory contents.\n (CVE-2015-7941)\n\n - A heap-based buffer overflow condition exists in the\n xmlParseConditionalSections() function within file\n parser.c due to not properly skipping intermediary\n entities. An unauthenticated, remote attacker can\n exploit this, via specially crafted XML data, to cause a\n denial of service condition. (CVE-2015-7942)\n\n - A buffer overflow condition exists in the xmlNextChar()\n function due to improper bounds checking. A local\n attacker can exploit this, via a malformed XML file, to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2015-8241)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://aix.software.ibm.com/aix/efixes/security/libxml2_advisory2.asc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install the appropriate interim fix.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"AIX Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\noslevel = get_kb_item(\"Host/AIX/version\");\nif (isnull(oslevel)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nif ( oslevel != \"AIX-7.1\" )\n{\n oslevel = ereg_replace(string:oslevel, pattern:\"-\", replace:\" \");\n audit(AUDIT_OS_NOT, \"AIX 7.1\", oslevel);\n}\n\noslevelcomplete = chomp(get_kb_item(\"Host/AIX/oslevelsp\"));\nif (isnull(oslevelcomplete)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\noslevelparts = split(oslevelcomplete, sep:'-', keep:0);\nif ( max_index(oslevelparts) != 4 ) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nml = oslevelparts[1];\nversion_report = \"AIX \" + oslevel + \" ML \" + ml;\nif ( ml != \"03\" && ml != \"04\" )\n{\n audit(AUDIT_OS_NOT, \"ML 03/04\", version_report);\n}\n\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This AIX package check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"03\", patch:\"IV80586s1a\", package:\"bos.rte.control\", minfilesetver:\"7.1.3.0\", maxfilesetver:\"7.1.3.46\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"04\", patch:\"IV80586s1a\", package:\"bos.rte.control\", minfilesetver:\"7.1.4.0\", maxfilesetver:\"7.1.4.0\") < 0) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : aix_report_get()\n );\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bos.rte.control\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T16:37:56", "description": "The remote host is missing AIX PTF U870330, which is related to the security of the package bos.rte.control.\n\nLibxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseEntityDecl or xmlParseConditionalSections function. By using a specially crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseConditionalSections function. By using a specially crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.", "cvss3": {}, "published": "2016-05-19T00:00:00", "type": "nessus", "title": "AIX 7.2 : bos.rte.control (U870330)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.2"], "id": "AIX_U870330.NASL", "href": "https://www.tenable.com/plugins/nessus/91237", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were extracted\n# from AIX Security PTF U870330. The text itself is copyright (C)\n# International Business Machines Corp.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91237);\n script_version(\"2.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\");\n\n script_name(english:\"AIX 7.2 : bos.rte.control (U870330)\");\n script_summary(english:\"Check for PTF U870330\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is missing AIX PTF U870330, which is related to the\nsecurity of the package bos.rte.control.\n\nLibxml2 is vulnerable to a denial of service, caused by a heap-based\nbuffer overflow in the xmlParseEntityDecl or\nxmlParseConditionalSections function. By using a specially crafted XML\ndata, a remote attacker could exploit this vulnerability to trigger an\nout-of-bounds read and cause the system to crash. Libxml2 is\nvulnerable to a denial of service, caused by a heap-based buffer\noverflow in the xmlParseConditionalSections function. By using a\nspecially crafted XML data, a remote attacker could exploit this\nvulnerability to trigger an out-of-bounds read and cause the system to\ncrash. libxml2 is vulnerable to a buffer overflow, caused by improper\nbounds checking by the XML parser in xmlNextChar. By using a malformed\nXML file, a local attacker could overflow a buffer and execute\narbitrary code on the system or cause the application to crash.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www-01.ibm.com/support/docview.wss?uid=isg1IV80616\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate missing security-related fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AIX/oslevel\", \"Host/AIX/version\", \"Host/AIX/lslpp\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\n\nif ( aix_check_patch(ml:\"720000\", patch:\"U870330\", package:\"bos.rte.control.7.2.0.1\") < 0 ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T16:38:26", "description": "The remote host is missing AIX PTF U866671, which is related to the security of the package bos.rte.control.\n\nLibxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseEntityDecl or xmlParseConditionalSections function. By using a specially crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseConditionalSections function. By using a specially crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.", "cvss3": {}, "published": "2016-05-19T00:00:00", "type": "nessus", "title": "AIX 6.1 TL 9 : bos.rte.control (U866671)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:6.1"], "id": "AIX_U866671.NASL", "href": "https://www.tenable.com/plugins/nessus/91233", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were extracted\n# from AIX Security PTF U866671. The text itself is copyright (C)\n# International Business Machines Corp.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91233);\n script_version(\"2.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\");\n\n script_name(english:\"AIX 6.1 TL 9 : bos.rte.control (U866671)\");\n script_summary(english:\"Check for PTF U866671\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is missing AIX PTF U866671, which is related to the\nsecurity of the package bos.rte.control.\n\nLibxml2 is vulnerable to a denial of service, caused by a heap-based\nbuffer overflow in the xmlParseEntityDecl or\nxmlParseConditionalSections function. By using a specially crafted XML\ndata, a remote attacker could exploit this vulnerability to trigger an\nout-of-bounds read and cause the system to crash. Libxml2 is\nvulnerable to a denial of service, caused by a heap-based buffer\noverflow in the xmlParseConditionalSections function. By using a\nspecially crafted XML data, a remote attacker could exploit this\nvulnerability to trigger an out-of-bounds read and cause the system to\ncrash. libxml2 is vulnerable to a buffer overflow, caused by improper\nbounds checking by the XML parser in xmlNextChar. By using a malformed\nXML file, a local attacker could overflow a buffer and execute\narbitrary code on the system or cause the application to crash.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www-01.ibm.com/support/docview.wss?uid=isg1IV80588\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate missing security-related fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AIX/oslevel\", \"Host/AIX/version\", \"Host/AIX/lslpp\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\n\nif ( aix_check_patch(ml:\"610009\", patch:\"U866671\", package:\"bos.rte.control.6.1.9.101\") < 0 ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T16:38:26", "description": "The remote host is missing AIX PTF U868931, which is related to the security of the package bos.rte.control.\n\nLibxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseEntityDecl or xmlParseConditionalSections function. By using a specially crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseConditionalSections function. By using a specially crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.", "cvss3": {}, "published": "2016-05-19T00:00:00", "type": "nessus", "title": "AIX 7.1 TL 4 : bos.rte.control (U868931)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_U868931.NASL", "href": "https://www.tenable.com/plugins/nessus/91234", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were extracted\n# from AIX Security PTF U868931. The text itself is copyright (C)\n# International Business Machines Corp.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91234);\n script_version(\"2.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8241\");\n\n script_name(english:\"AIX 7.1 TL 4 : bos.rte.control (U868931)\");\n script_summary(english:\"Check for PTF U868931\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is missing AIX PTF U868931, which is related to the\nsecurity of the package bos.rte.control.\n\nLibxml2 is vulnerable to a denial of service, caused by a heap-based\nbuffer overflow in the xmlParseEntityDecl or\nxmlParseConditionalSections function. By using a specially crafted XML\ndata, a remote attacker could exploit this vulnerability to trigger an\nout-of-bounds read and cause the system to crash. Libxml2 is\nvulnerable to a denial of service, caused by a heap-based buffer\noverflow in the xmlParseConditionalSections function. By using a\nspecially crafted XML data, a remote attacker could exploit this\nvulnerability to trigger an out-of-bounds read and cause the system to\ncrash. libxml2 is vulnerable to a buffer overflow, caused by improper\nbounds checking by the XML parser in xmlNextChar. By using a malformed\nXML file, a local attacker could overflow a buffer and execute\narbitrary code on the system or cause the application to crash.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www-01.ibm.com/support/docview.wss?uid=isg1IV80586\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate missing security-related fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AIX/oslevel\", \"Host/AIX/version\", \"Host/AIX/lslpp\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\n\nif ( aix_check_patch(ml:\"710004\", patch:\"U868931\", package:\"bos.rte.control.7.1.4.1\") < 0 ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T16:31:30", "description": "The remote AIX host has a version of libxml2 installed that is affected by the following vulnerabilities :\n\n - A heap-based buffer overflow condition exists in the xmlParseEntityDecl() and xmlParseConditionalSections() functions within file parser.c due to a failure to properly stop parsing invalid input. An unauthenticated, remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition or potentially disclose sensitive memory contents.\n (CVE-2015-7941)\n\n - A heap-based buffer overflow condition exists in the xmlParseConditionalSections() function within file parser.c due to not properly skipping intermediary entities. An unauthenticated, remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition. (CVE-2015-7942)\n\n - A buffer overflow condition exists in the xmlNextChar() function due to improper bounds checking. A local attacker can exploit this, via a malformed XML file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-8241)", "cvss3": {}, "published": "2016-02-23T00:00:00", "type": "nessus", "title": "AIX 7.2 TL 0 : libxml2 (IV80616)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.2"], "id": "AIX_IV80616.NASL", "href": "https://www.tenable.com/plugins/nessus/88884", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88884);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2015-7941\",\n \"CVE-2015-7942\",\n \"CVE-2015-8241\"\n );\n script_bugtraq_id(\n 74241,\n 77621,\n 79507\n );\n\n script_name(english:\"AIX 7.2 TL 0 : libxml2 (IV80616)\");\n script_summary(english:\"Checks the version of the libxml2 packages and iFixes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AIX host has a version of libxml2 installed that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AIX host has a version of libxml2 installed that is\naffected by the following vulnerabilities :\n\n - A heap-based buffer overflow condition exists in the\n xmlParseEntityDecl() and xmlParseConditionalSections()\n functions within file parser.c due to a failure to\n properly stop parsing invalid input. An unauthenticated,\n remote attacker can exploit this, via specially crafted\n XML data, to cause a denial of service condition or\n potentially disclose sensitive memory contents.\n (CVE-2015-7941)\n\n - A heap-based buffer overflow condition exists in the\n xmlParseConditionalSections() function within file\n parser.c due to not properly skipping intermediary\n entities. An unauthenticated, remote attacker can\n exploit this, via specially crafted XML data, to cause a\n denial of service condition. (CVE-2015-7942)\n\n - A buffer overflow condition exists in the xmlNextChar()\n function due to improper bounds checking. A local\n attacker can exploit this, via a malformed XML file, to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2015-8241)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://aix.software.ibm.com/aix/efixes/security/libxml2_advisory2.asc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install the appropriate interim fix.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"AIX Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\noslevel = get_kb_item(\"Host/AIX/version\");\nif (isnull(oslevel)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nif ( oslevel != \"AIX-7.2\" )\n{\n oslevel = ereg_replace(string:oslevel, pattern:\"-\", replace:\" \");\n audit(AUDIT_OS_NOT, \"AIX 7.2\", oslevel);\n}\n\noslevelcomplete = chomp(get_kb_item(\"Host/AIX/oslevelsp\"));\nif (isnull(oslevelcomplete)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\noslevelparts = split(oslevelcomplete, sep:'-', keep:0);\nif ( max_index(oslevelparts) != 4 ) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nml = oslevelparts[1];\nversion_report = \"AIX \" + oslevel + \" ML \" + ml;\nif ( ml != \"00\")\n{\n audit(AUDIT_OS_NOT, \"ML 00\", version_report);\n}\n\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This AIX package check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.2\", ml:\"00\", patch:\"IV80616s1a\", package:\"bos.rte.control\", minfilesetver:\"7.2.0.0\", maxfilesetver:\"7.2.0.0\") < 0) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : aix_report_get()\n );\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bos.rte.control\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:04:25", "description": "Florian Weimer discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04.\n(CVE-2015-1819)\n\nMichal Zalewski discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-7941)\n\nKostya Serebryany discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-7942)\n\nGustavo Grieco discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-8035).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-11-17T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libxml2 vulnerabilities (USN-2812-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libxml2", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2812-1.NASL", "href": "https://www.tenable.com/plugins/nessus/86897", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2812-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86897);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\");\n script_xref(name:\"USN\", value:\"2812-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libxml2 vulnerabilities (USN-2812-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Florian Weimer discovered that libxml2 incorrectly handled certain XML\ndata. If a user or automated system were tricked into opening a\nspecially crafted document, an attacker could possibly cause resource\nconsumption, resulting in a denial of service. This issue only\naffected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04.\n(CVE-2015-1819)\n\nMichal Zalewski discovered that libxml2 incorrectly handled certain\nXML data. If a user or automated system were tricked into opening a\nspecially crafted document, an attacker could possibly cause libxml2\nto crash, resulting in a denial of service. This issue only affected\nUbuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-7941)\n\nKostya Serebryany discovered that libxml2 incorrectly handled certain\nXML data. If a user or automated system were tricked into opening a\nspecially crafted document, an attacker could possibly cause libxml2\nto crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2015-7942)\n\nGustavo Grieco discovered that libxml2 incorrectly handled certain XML\ndata. If a user or automated system were tricked into opening a\nspecially crafted document, an attacker could possibly cause libxml2\nto crash, resulting in a denial of service. This issue only affected\nUbuntu 14.04 LTS. (CVE-2015-8035).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2812-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libxml2\", pkgver:\"2.7.8.dfsg-5.1ubuntu4.12\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libxml2\", pkgver:\"2.9.1+dfsg1-3ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libxml2\", pkgver:\"2.9.2+dfsg1-3ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"libxml2\", pkgver:\"2.9.2+zdfsg1-4ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-25T14:19:09", "description": "The remote host is affected by the vulnerability described in GLSA-201701-37 (libxml2: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could entice a user or automated system to process a specially crafted XML document, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-17T00:00:00", "type": "nessus", "title": "GLSA-201701-37 : libxml2: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242", "CVE-2015-8806", "CVE-2016-1836", "CVE-2016-1838", "CVE-2016-1839", "CVE-2016-1840", "CVE-2016-2073", "CVE-2016-3627", "CVE-2016-3705", "CVE-2016-4483", "CVE-2016-4658", "CVE-2016-5131"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:libxml2", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201701-37.NASL", "href": "https://www.tenable.com/plugins/nessus/96541", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201701-37.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96541);\n script_version(\"3.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1819\", \"CVE-2015-5312\", \"CVE-2015-7497\", \"CVE-2015-7498\", \"CVE-2015-7499\", \"CVE-2015-7500\", \"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\", \"CVE-2015-8242\", \"CVE-2015-8806\", \"CVE-2016-1836\", \"CVE-2016-1838\", \"CVE-2016-1839\", \"CVE-2016-1840\", \"CVE-2016-2073\", \"CVE-2016-3627\", \"CVE-2016-3705\", \"CVE-2016-4483\", \"CVE-2016-4658\", \"CVE-2016-5131\");\n script_xref(name:\"GLSA\", value:\"201701-37\");\n\n script_name(english:\"GLSA-201701-37 : libxml2: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201701-37\n(libxml2: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in libxml2. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could entice a user or automated system to process a\n specially crafted XML document, possibly resulting in execution of\n arbitrary code with the privileges of the process or a Denial of Service\n condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201701-37\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All libxml2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/libxml2-2.9.4-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/libxml2\", unaffected:make_list(\"ge 2.9.4-r1\"), vulnerable:make_list(\"lt 2.9.4-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T16:33:59", "description": "Update to 2.9.3 which fixes various CVE's\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : mingw-libxml2-2.9.3-1.fc23 (2016-189a7bf68c)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mingw-libxml2", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-189A7BF68C.NASL", "href": "https://www.tenable.com/plugins/nessus/89484", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-189a7bf68c.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89484);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\");\n script_xref(name:\"FEDORA\", value:\"2016-189a7bf68c\");\n\n script_name(english:\"Fedora 23 : mingw-libxml2-2.9.3-1.fc23 (2016-189a7bf68c)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.9.3 which fixes various CVE's\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1262853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1274225\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1276299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1277149\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1281952\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e4706f27\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"mingw-libxml2-2.9.3-1.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-libxml2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T16:34:32", "description": "Update to 2.9.3 which fixes various CVE's\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : mingw-libxml2-2.9.3-1.fc22 (2016-a9ee80b01d)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mingw-libxml2", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-A9EE80B01D.NASL", "href": "https://www.tenable.com/plugins/nessus/89591", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-a9ee80b01d.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89591);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7941\", \"CVE-2015-7942\", \"CVE-2015-8035\");\n script_xref(name:\"FEDORA\", value:\"2016-a9ee80b01d\");\n\n script_name(english:\"Fedora 22 : mingw-libxml2-2.9.3-1.fc22 (2016-a9ee80b01d)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.9.3 which fixes various CVE's\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1262853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1274225\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1276299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1277149\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1281952\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1623b0cf\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"mingw-libxml2-2.9.3-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-libxml2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T16:33:19", "description": "The remote host is running a version of Mac OS X that is 10.9.5 or 10.10.5 and is missing Security Update 2016-002. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - apache_mod_php\n - Kernel\n - libxml2\n - OpenSSH\n - Python\n - Tcl\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-03-22T00:00:00", "type": "nessus", "title": "Mac OS X 10.9.5 / 10.10.5 Multiple Vulnerabilities (Security Update 2016-002)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9495", "CVE-2015-0973", "CVE-2015-1819", "CVE-2015-5312", "CVE-2015-5333", "CVE-2015-5334", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8126", "CVE-2015-8242", "CVE-2015-8472", "CVE-2016-0777", "CVE-2016-0778", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1759", "CVE-2016-1761", "CVE-2016-1762"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2016-002.NASL", "href": "https://www.tenable.com/plugins/nessus/90097", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90097);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2014-9495\",\n \"CVE-2015-0973\",\n \"CVE-2015-1819\",\n \"CVE-2015-5312\",\n \"CVE-2015-5333\",\n \"CVE-2015-5334\",\n \"CVE-2015-7499\",\n \"CVE-2015-7500\",\n \"CVE-2015-7942\",\n \"CVE-2015-8035\",\n \"CVE-2015-8126\",\n \"CVE-2015-8242\",\n \"CVE-2015-8472\",\n \"CVE-2016-0777\",\n \"CVE-2016-0778\",\n \"CVE-2016-1754\",\n \"CVE-2016-1755\",\n \"CVE-2016-1759\",\n \"CVE-2016-1761\",\n \"CVE-2016-1762\"\n );\n script_bugtraq_id(\n 71820,\n 71994,\n 75570,\n 77112,\n 77390,\n 77568,\n 77681,\n 78624,\n 79507,\n 79509,\n 79536,\n 79562,\n 80695,\n 80698\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2016-03-21-5\");\n\n script_name(english:\"Mac OS X 10.9.5 / 10.10.5 Multiple Vulnerabilities (Security Update 2016-002)\");\n script_summary(english:\"Checks for the presence of Security Update 2016-002.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X that is 10.9.5 or\n10.10.5 and is missing Security Update 2016-002. It is, therefore,\naffected by multiple vulnerabilities in the following components :\n\n - apache_mod_php\n - Kernel\n - libxml2\n - OpenSSH\n - Python\n - Tcl\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT206167\");\n # http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6c87f79a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2016-002 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\npatch = \"2016-002\";\n\n# Compare 2 patch numbers to determine if patch requirements are satisfied.\n# Return true if this patch or a later patch is applied\n# Return false otherwise\nfunction check_patch(year, number)\n{\n local_var p_split = split(patch, sep:\"-\");\n local_var p_year = int( p_split[0]);\n local_var p_num = int( p_split[1]);\n\n if (year > p_year) return TRUE;\n else if (year < p_year) return FALSE;\n else if (number >= p_num) return TRUE;\n else return FALSE;\n}\n\nif (!get_kb_item(\"Host/local_checks_enabled\"))\n audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.(9|10)\\.5([^0-9]|$)\", string:os))\n audit(AUDIT_OS_NOT, \"Mac OS X 10.9.5 or Mac OS X 10.10.5\");\n\npackages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\nsec_boms_report = egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\..*bom$\", string:packages);\nsec_boms = split(sec_boms_report, sep:'\\n');\n\nforeach package (sec_boms)\n{\n # Grab patch year and number\n match = eregmatch(pattern:\"[^0-9](20[0-9][0-9])[-.]([0-9]{3})[^0-9]\", string:package);\n if (empty_or_null(match[1]) || empty_or_null(match[2]))\n continue;\n\n patch_found = check_patch(year:int(match[1]), number:int(match[2]));\n if (patch_found) exit(0, \"The host has Security Update \" + patch + \" or later installed and is therefore not affected.\");\n}\n\nreport = '\\n Missing security update : ' + patch;\nreport += '\\n Installed security BOMs : ';\nif (sec_boms_report) report += str_replace(find:'\\n', replace:'\\n ', string:sec_boms_report);\nelse report += 'n/a';\nreport += '\\n';\n\nsecurity_report_v4(port:0, severity:SECURITY_HOLE, extra:report);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T16:33:17", "description": "According to its banner, the remote Apple TV device is a version prior to 9.2. It is, therefore, affected by the following vulnerabilities :\n\n - An XML external entity (XXE) expansion flaw exists in libxml2 due to the XML parser accepting entities from untrusted sources. An unauthenticated, remote attacker can exploit this, via crafted XML data, to cause a denial of service through resource exhaustion.\n (CVE-2015-1819)\n\n - An XML external entity (XXE) injection flaw exists in libxml2 in file parser.c due to the XML parser accepting entities from untrusted sources. An unauthenticated, remote attacker can exploit this, via crafted XML data, to cause a denial of service or to disclose sensitive information. (CVE-2015-5312)\n\n - A heap buffer overflow condition exists in libxml2 in the xmlGROW() function within file parser.c while handling XML data. An unauthenticated, remote attacker can exploit this to disclose sensitive information.\n (CVE-2015-7499)\n\n - An out-of-bounds heap read error exists in libxml2 in the xmlParseMisc() function within file parser.c while handling entity boundaries. An unauthenticated, remote attacker can exploit this to cause a denial of service.\n (CVE-2015-7500)\n\n - An out-of-bounds read error exists in libxml2 in the xmlParseConditionalSections() function within file parser.c due to a failure to properly skip intermediary entities when it stops parsing invalid input. An unauthenticated, remote attacker can exploit this, via crafted XML data, to cause a denial of service.\n (CVE-2015-7942)\n\n - A flaw exists in libxml2 in the xz_decomp() function within file xzlib.c due to a failure to properly detect compression errors when handling compressed XML content.\n An unauthenticated, remote attacker can exploit this, via crafted XML data, to cause an infinite loop, resulting in a denial of service.\n (CVE-2015-8035)\n\n - A out-of-bounds read error exists in libxml2 in the xmlSAX2TextNode() function within file SAX2.c due to improper sanitization of input data. An unauthenticated, remote attacker can exploit this, via crafted XML data, to cause a denial of service or to disclose sensitive information. (CVE-2015-8242)\n\n - A use-after-free error exists in Nghttp2 within file lib/nghttp2_session.c when handling idle streams. An unauthenticated, remote attacker can exploit this to deference already freed memory, allowing the execution of arbitrary code. (CVE-2015-8659)\n\n - An overflow condition exists in the Broadcom Wi-Fi driver due to improper validation of data while handling SSID or WPS_ID_DEVICE_NAME values. An unauthenticated, adjacent attacker can exploit this, via a crafted wireless control message packet, to cause a denial of service or to execute arbitrary code. (CVE-2016-0801)\n\n - An overflow condition exists in the Broadcom Wi-Fi driver due to improper validation of user-supplied input when handling the packet length of event messages.\n An unauthenticated, adjacent attacker can exploit this, via a crafted wireless control message packet, to cause a denial of service or to execute arbitrary code.\n (CVE-2016-0802)\n\n - A flaw exists in FontParser due to improper validation of user-supplied input when handling encoded fonts that contain invalid characters. An unauthenticated, remote attacker can exploit this, via a crafted PDF document, to corrupt memory, resulting in a denial of service or the execution arbitrary code. (CVE-2016-1740)\n\n - A flaw exists in IOHIDFamily due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a crafted application, to gain access to kernel memory layout information.\n (CVE-2016-1748)\n\n - A use-after-free error exists in the kernel that allows an unauthenticated, remote attacker to execute arbitrary code via a crafted application. (CVE-2016-1750)\n\n - A flaw exists in the kernel due to a failure to properly restrict execution permissions. An unauthenticated, remote attacker can exploit this, via a crafted application, to bypass code-signing protection mechanisms. (CVE-2016-1751)\n\n - An unspecified flaw exists in the kernel that allows a local attacker to cause a denial of service via a crafted application. (CVE-2016-1752)\n\n - An integer overflow condition exists in the kernel due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a crafted application, to gain elevated privileges.\n (CVE-2016-1753)\n\n - A memory corruption issue exists in the kernel due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, by convincing a user to install a malicious application, to cause a denial of service or execute arbitrary code.\n CVE-2016-1754)\n\n - A use-after-free error exists in the AppleKeyStore user client when handling multiple threads, which is triggered when one thread closes the user client while another attempts to call an external method. An unauthenticated, remote attacker can exploit this, by convincing a user to install a malicious application, to execute arbitrary code with elevated privileges.\n (CVE-2016-1755)\n\n - A flaw exists in libxml2 due to improper validation of user-supplied input while handling XML content. An unauthenticated, remote attacker can exploit this, via a crafted XML document, to cause a denial of service or to execute arbitrary code. (CVE-2016-1762)\n\n - An out-of-bounds write error exists in TrueTypeScaler due to improper validation of user-supplied input while handling bdat tables in TTF fonts. An unauthenticated, remote attacker can exploit this, via a crafted TTF font, to cause a denial or service or to execute arbitrary code. (CVE-2016-1775)\n\n - A flaw exists in WebKit due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a crafted website, to cause a denial of service or execute arbitrary code.\n (CVE-2016-1783)\n\n - An unspecified flaw exists in the History implementation of WebKit that allows an unauthenticated, remote attacker to cause a denial of service via a crafted website. (CVE-2016-1784)\n\n - A heap buffer overflow condition exists in Mozilla Network Security Services due to improper validation of user-supplied input while parsing ASN.1 structures. An unauthenticated, remote attacker can exploit this, via crafted ASN.1 data in an X.509 certificate, to cause a denial of service or execute arbitrary code.\n (CVE-2016-1950)\n\nNote that only 4th generation models are affected by these vulnerabilities, and this plugin only checks these models.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2016-04-01T00:00:00", "type": "nessus", "title": "Apple TV < 9.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242", "CVE-2015-8659", "CVE-2016-0801", "CVE-2016-0802", "CVE-2016-1740", "CVE-2016-1748", "CVE-2016-1750", "CVE-2016-1751", "CVE-2016-1752", "CVE-2016-1753", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1762", "CVE-2016-1775", "CVE-2016-1783", "CVE-2016-1784", "CVE-2016-1950"], "modified": "2019-11-19T00:00:00", "cpe": ["cpe:/a:apple:apple_tv"], "id": "APPLETV_9_2.NASL", "href": "https://www.tenable.com/plugins/nessus/90309", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90309);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/11/19\");\n\n script_cve_id(\n \"CVE-2015-1819\",\n \"CVE-2015-5312\",\n \"CVE-2015-7499\",\n \"CVE-2015-7500\",\n \"CVE-2015-7942\",\n \"CVE-2015-8035\",\n \"CVE-2015-8242\",\n \"CVE-2015-8659\",\n \"CVE-2016-0801\",\n \"CVE-2016-0802\",\n \"CVE-2016-1740\",\n \"CVE-2016-1748\",\n \"CVE-2016-1750\",\n \"CVE-2016-1751\",\n \"CVE-2016-1752\",\n \"CVE-2016-1753\",\n \"CVE-2016-1754\",\n \"CVE-2016-1755\",\n \"CVE-2016-1762\",\n \"CVE-2016-1775\",\n \"CVE-2016-1783\",\n \"CVE-2016-1784\",\n \"CVE-2016-1950\"\n );\n script_bugtraq_id(\n 75570,\n 77390,\n 77681,\n 79507,\n 79509,\n 79536,\n 79562,\n 80438\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2016-03-21-3\");\n\n script_name(english:\"Apple TV < 9.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the build number.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote Apple TV device is a version prior\nto 9.2. It is, therefore, affected by the following vulnerabilities :\n\n - An XML external entity (XXE) expansion flaw exists in\n libxml2 due to the XML parser accepting entities from\n untrusted sources. An unauthenticated, remote attacker\n can exploit this, via crafted XML data, to cause a\n denial of service through resource exhaustion.\n (CVE-2015-1819)\n\n - An XML external entity (XXE) injection flaw exists in\n libxml2 in file parser.c due to the XML parser accepting\n entities from untrusted sources. An unauthenticated,\n remote attacker can exploit this, via crafted XML data,\n to cause a denial of service or to disclose sensitive\n information. (CVE-2015-5312)\n\n - A heap buffer overflow condition exists in libxml2 in\n the xmlGROW() function within file parser.c while\n handling XML data. An unauthenticated, remote attacker\n can exploit this to disclose sensitive information.\n (CVE-2015-7499)\n\n - An out-of-bounds heap read error exists in libxml2 in\n the xmlParseMisc() function within file parser.c while\n handling entity boundaries. An unauthenticated, remote\n attacker can exploit this to cause a denial of service.\n (CVE-2015-7500)\n\n - An out-of-bounds read error exists in libxml2 in the\n xmlParseConditionalSections() function within file\n parser.c due to a failure to properly skip intermediary\n entities when it stops parsing invalid input. An\n unauthenticated, remote attacker can exploit this, via\n crafted XML data, to cause a denial of service.\n (CVE-2015-7942)\n\n - A flaw exists in libxml2 in the xz_decomp() function\n within file xzlib.c due to a failure to properly detect\n compression errors when handling compressed XML content.\n An unauthenticated, remote attacker can exploit this,\n via crafted XML data, to cause an infinite loop,\n resulting in a denial of service.\n (CVE-2015-8035)\n\n - A out-of-bounds read error exists in libxml2 in the\n xmlSAX2TextNode() function within file SAX2.c due to\n improper sanitization of input data. An unauthenticated,\n remote attacker can exploit this, via crafted XML data,\n to cause a denial of service or to disclose sensitive\n information. (CVE-2015-8242)\n\n - A use-after-free error exists in Nghttp2 within file\n lib/nghttp2_session.c when handling idle streams. An\n unauthenticated, remote attacker can exploit this to\n deference already freed memory, allowing the execution\n of arbitrary code. (CVE-2015-8659)\n\n - An overflow condition exists in the Broadcom Wi-Fi\n driver due to improper validation of data while handling\n SSID or WPS_ID_DEVICE_NAME values. An unauthenticated,\n adjacent attacker can exploit this, via a crafted\n wireless control message packet, to cause a denial of\n service or to execute arbitrary code. (CVE-2016-0801)\n\n - An overflow condition exists in the Broadcom Wi-Fi\n driver due to improper validation of user-supplied\n input when handling the packet length of event messages.\n An unauthenticated, adjacent attacker can exploit this,\n via a crafted wireless control message packet, to cause\n a denial of service or to execute arbitrary code.\n (CVE-2016-0802)\n\n - A flaw exists in FontParser due to improper validation\n of user-supplied input when handling encoded fonts that\n contain invalid characters. An unauthenticated, remote\n attacker can exploit this, via a crafted PDF document,\n to corrupt memory, resulting in a denial of service or\n the execution arbitrary code. (CVE-2016-1740)\n\n - A flaw exists in IOHIDFamily due to improper validation\n of user-supplied input. An unauthenticated, remote\n attacker can exploit this, via a crafted application,\n to gain access to kernel memory layout information.\n (CVE-2016-1748)\n\n - A use-after-free error exists in the kernel that allows\n an unauthenticated, remote attacker to execute arbitrary\n code via a crafted application. (CVE-2016-1750)\n\n - A flaw exists in the kernel due to a failure to properly\n restrict execution permissions. An unauthenticated,\n remote attacker can exploit this, via a crafted\n application, to bypass code-signing protection\n mechanisms. (CVE-2016-1751)\n\n - An unspecified flaw exists in the kernel that allows a\n local attacker to cause a denial of service via a\n crafted application. (CVE-2016-1752)\n\n - An integer overflow condition exists in the kernel due\n to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit this, via\n a crafted application, to gain elevated privileges.\n (CVE-2016-1753)\n\n - A memory corruption issue exists in the kernel due to\n improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit this, by\n convincing a user to install a malicious application,\n to cause a denial of service or execute arbitrary code.\n CVE-2016-1754)\n\n - A use-after-free error exists in the AppleKeyStore user\n client when handling multiple threads, which is\n triggered when one thread closes the user client while\n another attempts to call an external method. An\n unauthenticated, remote attacker can exploit this, by\n convincing a user to install a malicious application, to\n execute arbitrary code with elevated privileges.\n (CVE-2016-1755)\n\n - A flaw exists in libxml2 due to improper validation of\n user-supplied input while handling XML content. An\n unauthenticated, remote attacker can exploit this, via a\n crafted XML document, to cause a denial of service or to\n execute arbitrary code. (CVE-2016-1762)\n\n - An out-of-bounds write error exists in TrueTypeScaler\n due to improper validation of user-supplied input while\n handling bdat tables in TTF fonts. An unauthenticated,\n remote attacker can exploit this, via a crafted TTF\n font, to cause a denial or service or to execute\n arbitrary code. (CVE-2016-1775)\n\n - A flaw exists in WebKit due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this, via a crafted website, to cause a\n denial of service or execute arbitrary code.\n (CVE-2016-1783)\n\n - An unspecified flaw exists in the History implementation\n of WebKit that allows an unauthenticated, remote\n attacker to cause a denial of service via a crafted\n website. (CVE-2016-1784)\n\n - A heap buffer overflow condition exists in Mozilla\n Network Security Services due to improper validation of\n user-supplied input while parsing ASN.1 structures. An\n unauthenticated, remote attacker can exploit this, via\n crafted ASN.1 data in an X.509 certificate, to cause a\n denial of service or execute arbitrary code.\n (CVE-2016-1950)\n\nNote that only 4th generation models are affected by these\nvulnerabilities, and this plugin only checks these models.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT206169\");\n # http://prod.lists.apple.com/archives/security-announce/2016/Mar/msg00002.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5c691f32\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple TV version 9.2 or later. Note that this update is\navailable only for 4th generation models.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8659\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:apple_tv\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"appletv_version.nasl\");\n script_require_keys(\"AppleTV/Version\", \"AppleTV/URL\", \"AppleTV/Port\");\n script_require_ports(\"Services/www\", 7000);\n\n exit(0);\n}\n\ninclude(\"appletv_func.inc\");\ninclude(\"audit.inc\");\n\nurl = get_kb_item('AppleTV/URL');\nif (empty_or_null(url)) exit(0, 'Cannot determine Apple TV URL.');\nport = get_kb_item('AppleTV/Port');\nif (empty_or_null(port)) exit(0, 'Cannot determine Apple TV port.');\n\nbuild = get_kb_item('AppleTV/Version');\nif (empty_or_null(build)) audit(AUDIT_UNKNOWN_DEVICE_VER, 'Apple TV');\n\nmodel = get_kb_item('AppleTV/Model');\nif (empty_or_null(model)) exit(0, 'Cannot determine Apple TV model.');\n\n# fix\nfixed_build = \"13Y234\";\ntvos_ver = \"9.2\"; # for reporting purposes only\n\n# determine gen from the model\ngen = APPLETV_MODEL_GEN[model];\n\nappletv_check_version(\n build : build,\n fix : fixed_build,\n affected_gen : 4,\n fix_tvos_ver : tvos_ver,\n model : model,\n gen : gen,\n severity : SECURITY_HOLE,\n port : port,\n url : url\n);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T16:37:19", "description": "Versions of Apple TV earlier than 9.2 are unpatched for vulnerabilities in the following components :\n\n - FontParser (CVE-2016-1740)\n - HTTPProtocol (CVE-2015-8659)\n - IOHIDFamily (CVE-2016-1748)\n - Kernel (CVE-2016-1750)\n - Kernel (CVE-2016-1753)\n - Kernel (CVE-2016-1751)\n - Kernel (CVE-2016-1754, CVE-2016-1755)\n - Kernel (CVE-2016-1752)\n - libxml2 (CVE-2015-1819, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500, CVE-2015-7942, CVE-2015-8035, CVE-2015-8242, CVE-2016-1762)\n - Security (CVE-2016-1950)\n - TrueTypeScaler (CVE-2016-1775)\n - WebKit (CVE-2016-1783)\n - WebKit History (CVE-2016-1784)\n - Wi-Fi (CVE-2016-0801, CVE-2016-0802)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2016-05-27T00:00:00", "type": "nessus", "title": "Apple TV < 9.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242", "CVE-2015-8659", "CVE-2016-0801", "CVE-2016-0802", "CVE-2016-1740", "CVE-2016-1748", "CVE-2016-1750", "CVE-2016-1751", "CVE-2016-1752", "CVE-2016-1753", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1762", "CVE-2016-1775", "CVE-2016-1783", "CVE-2016-1784", "CVE-2016-1950"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:apple_tv:*:*:*:*:*:*:*:*"], "id": "9336.PRM", "href": "https://www.tenable.com/plugins/nnm/9336", "sourceData": "Binary data 9336.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:00:18", "description": "A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product Security.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for the serialization of HTML documents.\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {}, "published": "2015-08-04T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : libxml2 on SL6.x i386/x86_64 (20150722)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:libxml2", "p-cpe:/a:fermilab:scientific_linux:libxml2-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libxml2-devel", "p-cpe:/a:fermilab:scientific_linux:libxml2-python", "p-cpe:/a:fermilab:scientific_linux:libxml2-static", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150722_LIBXML2_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/85200", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85200);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-1819\");\n\n script_name(english:\"Scientific Linux Security Update : libxml2 on SL6.x i386/x86_64 (20150722)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in the way the libxml2 library\nparsed certain XML files. An attacker could provide a specially\ncrafted XML file that, when parsed by an application using libxml2,\ncould cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product\nSecurity.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for\nthe serialization of HTML documents.\n\nThe desktop must be restarted (log out, then log back in) for this\nupdate to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1508&L=scientific-linux-errata&F=&S=&P=2135\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6960edf5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-debuginfo-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-devel-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-python-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxml2-static-2.7.6-20.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / libxml2-python / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:58:16", "description": "The remote host is affected by the vulnerability described in GLSA-201507-08 (libxml2: Denial of Service)\n\n libxml2 returns the empty string when the allocation limit is encountered while constructing the attribute value string.\n Impact :\n\n A remote attacker may be able to cause Denial of Service via a specially crafted XML file.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2015-07-08T00:00:00", "type": "nessus", "title": "GLSA-201507-08 : libxml2: Denial of Service", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:libxml2", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201507-08.NASL", "href": "https://www.tenable.com/plugins/nessus/84607", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201507-08.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84607);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_xref(name:\"GLSA\", value:\"201507-08\");\n\n script_name(english:\"GLSA-201507-08 : libxml2: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201507-08\n(libxml2: Denial of Service)\n\n libxml2 returns the empty string when the allocation limit is\n encountered while constructing the attribute value string.\n \nImpact :\n\n A remote attacker may be able to cause Denial of Service via a specially\n crafted XML file.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201507-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All libxml2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/libxml2-2.9.2-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/libxml2\", unaffected:make_list(\"ge 2.9.2-r1\"), vulnerable:make_list(\"lt 2.9.2-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:58:58", "description": "Daniel Veilland reports :\n\nEnforce the reader to run in constant memory. One of the operation on the reader could resolve entities leading to the classic expansion issue. Make sure the buffer used for xmlreader operation is bounded.\nIntroduce a new allocation type for the buffers for this effect.", "cvss3": {}, "published": "2015-07-02T00:00:00", "type": "nessus", "title": "FreeBSD : libxml2 -- Enforce the reader to run in constant memory (9c7177ff-1fe1-11e5-9a01-bcaec565249c)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:libxml2", "p-cpe:/a:freebsd:freebsd:linux-c6-libxml2", "p-cpe:/a:freebsd:freebsd:linux-f10-libxml2", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_9C7177FF1FE111E59A01BCAEC565249C.NASL", "href": "https://www.tenable.com/plugins/nessus/84496", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84496);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-1819\");\n\n script_name(english:\"FreeBSD : libxml2 -- Enforce the reader to run in constant memory (9c7177ff-1fe1-11e5-9a01-bcaec565249c)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Daniel Veilland reports :\n\nEnforce the reader to run in constant memory. One of the operation on\nthe reader could resolve entities leading to the classic expansion\nissue. Make sure the buffer used for xmlreader operation is bounded.\nIntroduce a new allocation type for the buffers for this effect.\"\n );\n # https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0a2fe75c\"\n );\n # https://vuxml.freebsd.org/freebsd/9c7177ff-1fe1-11e5-9a01-bcaec565249c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6b68ce06\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-c6-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-f10-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"libxml2<2.9.2_3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-c6-libxml2<2.7.6_5\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-f10-libxml2>=*\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:58:17", "description": "From Red Hat Security Advisory 2015:1419 :\n\nUpdated libxml2 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product Security.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for the serialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {}, "published": "2015-07-30T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : libxml2 (ELSA-2015-1419)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:libxml2", "p-cpe:/a:oracle:linux:libxml2-devel", "p-cpe:/a:oracle:linux:libxml2-python", "p-cpe:/a:oracle:linux:libxml2-static", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2015-1419.NASL", "href": "https://www.tenable.com/plugins/nessus/85106", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1419 and \n# Oracle Linux Security Advisory ELSA-2015-1419 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85106);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_bugtraq_id(75570);\n script_xref(name:\"RHSA\", value:\"2015:1419\");\n\n script_name(english:\"Oracle Linux 6 : libxml2 (ELSA-2015-1419)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1419 :\n\nUpdated libxml2 packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Low security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in\nthe References section.\n\nThe libxml2 library is a development toolbox providing the\nimplementation of various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library\nparsed certain XML files. An attacker could provide a specially\ncrafted XML file that, when parsed by an application using libxml2,\ncould cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product\nSecurity.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for\nthe serialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The desktop\nmust be restarted (log out, then log back in) for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-July/005233.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"libxml2-2.7.6-20.0.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libxml2-devel-2.7.6-20.0.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libxml2-python-2.7.6-20.0.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libxml2-static-2.7.6-20.0.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-devel / libxml2-python / libxml2-static\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:58:28", "description": "Updated libxml2 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product Security.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for the serialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {}, "published": "2015-07-23T00:00:00", "type": "nessus", "title": "RHEL 6 : libxml2 (RHSA-2015:1419)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2021-02-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libxml2", "p-cpe:/a:redhat:enterprise_linux:libxml2-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libxml2-devel", "p-cpe:/a:redhat:enterprise_linux:libxml2-python", "p-cpe:/a:redhat:enterprise_linux:libxml2-static", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2015-1419.NASL", "href": "https://www.tenable.com/plugins/nessus/84945", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1419. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84945);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/05\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_bugtraq_id(75570);\n script_xref(name:\"RHSA\", value:\"2015:1419\");\n\n script_name(english:\"RHEL 6 : libxml2 (RHSA-2015:1419)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated libxml2 packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Low security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in\nthe References section.\n\nThe libxml2 library is a development toolbox providing the\nimplementation of various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library\nparsed certain XML files. An attacker could provide a specially\ncrafted XML file that, when parsed by an application using libxml2,\ncould cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product\nSecurity.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for\nthe serialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The desktop\nmust be restarted (log out, then log back in) for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1419\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1819\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1419\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"libxml2-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"libxml2-debuginfo-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"libxml2-devel-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"libxml2-python-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"libxml2-python-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libxml2-python-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"libxml2-static-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"libxml2-static-2.7.6-20.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libxml2-static-2.7.6-20.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / libxml2-python / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:59:10", "description": "This upload to Debian squeeze-lts fixes three issues found in the libxml2 package.\n\n(1) CVE-2015-1819 / #782782\n\nFlorian Weimer from Red Hat reported an issue against libxml2, where a parser which uses libxml2 chokes on a crafted XML document, allocating gigabytes of data. This is a fine line issue between API misuse and a bug in libxml2. This issue got addressed in libxml2 upstream and the patch has been backported to libxml2 in squeeze-lts.\n\n(2) #782985\n\nJun Kokatsu reported an out-of-bounds memory access in libxml2. By entering an unclosed html comment the libxml2 parser didn't stop parsing at the end of the buffer, causing random memory to be included in the parsed comment that was returned to the evoking application.\n\nIn the Shopify application (where this issue was originally discovered), this caused ruby objects from previous http requests to be disclosed in the rendered page.\n\n(3) #783010\n\nMichal Zalewski reported another out-of-bound reads issue in libxml2 that did not cause any crashes but could be detected under ASAN and Valgrind.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-07-06T00:00:00", "type": "nessus", "title": "Debian DLA-266-1 : libxml2 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml2", "p-cpe:/a:debian:debian_linux:libxml2-dbg", "p-cpe:/a:debian:debian_linux:libxml2-dev", "p-cpe:/a:debian:debian_linux:libxml2-doc", "p-cpe:/a:debian:debian_linux:libxml2-utils", "p-cpe:/a:debian:debian_linux:python-libxml2", "p-cpe:/a:debian:debian_linux:python-libxml2-dbg", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-266.NASL", "href": "https://www.tenable.com/plugins/nessus/84508", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-266-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84508);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_bugtraq_id(75570);\n\n script_name(english:\"Debian DLA-266-1 : libxml2 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This upload to Debian squeeze-lts fixes three issues found in the\nlibxml2 package.\n\n(1) CVE-2015-1819 / #782782\n\nFlorian Weimer from Red Hat reported an issue against libxml2, where a\nparser which uses libxml2 chokes on a crafted XML document, allocating\ngigabytes of data. This is a fine line issue between API misuse and a\nbug in libxml2. This issue got addressed in libxml2 upstream and the\npatch has been backported to libxml2 in squeeze-lts.\n\n(2) #782985\n\nJun Kokatsu reported an out-of-bounds memory access in libxml2. By\nentering an unclosed html comment the libxml2 parser didn't stop\nparsing at the end of the buffer, causing random memory to be included\nin the parsed comment that was returned to the evoking application.\n\nIn the Shopify application (where this issue was originally\ndiscovered), this caused ruby objects from previous http requests to\nbe disclosed in the rendered page.\n\n(3) #783010\n\nMichal Zalewski reported another out-of-bound reads issue in libxml2\nthat did not cause any crashes but could be detected under ASAN and\nValgrind.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/07/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/libxml2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libxml2\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-dbg\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-dev\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-doc\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxml2-utils\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"python-libxml2\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"python-libxml2-dbg\", reference:\"2.7.8.dfsg-2+squeeze12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:59:12", "description": "Updated libxml2 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product Security.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for the serialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.", "cvss3": {}, "published": "2015-07-28T00:00:00", "type": "nessus", "title": "CentOS 6 : libxml2 (CESA-2015:1419)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libxml2", "p-cpe:/a:centos:centos:libxml2-devel", "p-cpe:/a:centos:centos:libxml2-python", "p-cpe:/a:centos:centos:libxml2-static", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2015-1419.NASL", "href": "https://www.tenable.com/plugins/nessus/85019", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1419 and \n# CentOS Errata and Security Advisory 2015:1419 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85019);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-1819\");\n script_bugtraq_id(75570);\n script_xref(name:\"RHSA\", value:\"2015:1419\");\n\n script_name(english:\"CentOS 6 : libxml2 (CESA-2015:1419)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libxml2 packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Low security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in\nthe References section.\n\nThe libxml2 library is a development toolbox providing the\nimplementation of various XML standards.\n\nA denial of service flaw was found in the way the libxml2 library\nparsed certain XML files. An attacker could provide a specially\ncrafted XML file that, when parsed by an application using libxml2,\ncould cause that application to use an excessive amount of memory.\n(CVE-2015-1819)\n\nThis issue was discovered by Florian Weimer of Red Hat Product\nSecurity.\n\nThis update also fixes the following bug :\n\nThis update fixes an error that occurred when running a test case for\nthe serialization of HTML documents. (BZ#1004513)\n\nUsers of libxml2 are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The desktop\nmust be restarted (log out, then log back in) for this update to take\neffect.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2015-July/002030.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?18612b78\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-1819\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxml2-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxml2-devel-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxml2-python-2.7.6-20.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxml2-static-2.7.6-20.el6\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-devel / libxml2-python / libxml2-static\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-18T14:33:42", "description": "It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-01-20T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libxml2 vulnerabilities (USN-2875-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7499", "CVE-2015-8710"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libxml2", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2875-1.NASL", "href": "https://www.tenable.com/plugins/nessus/88019", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2875-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88019);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2015-7499\", \"CVE-2015-8710\");\n script_xref(name:\"USN\", value:\"2875-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libxml2 vulnerabilities (USN-2875-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that libxml2 incorrectly handled certain malformed\ndocuments. If a user or automated system were tricked into opening a\nspecially crafted document, an attacker could possibly cause libxml2\nto crash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2875-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libxml2\", pkgver:\"2.7.8.dfsg-5.1ubuntu4.14\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libxml2\", pkgver:\"2.9.1+dfsg1-3ubuntu4.7\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libxml2\", pkgver:\"2.9.2+dfsg1-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"libxml2\", pkgver:\"2.9.2+zdfsg1-4ubuntu0.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:59:05", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - Update doc/redhat.gif in tarball\n\n - Add libxml2-oracle-enterprise.patch and update logos in tarball\n\n - CVE-2015-1819 Enforce the reader to run in constant memory(rhbz#1214163)\n\n - Stop parsing on entities boundaries errors\n\n - Fix missing entities after CVE-2014-3660 fix (rhbz#1149086)\n\n - CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149086)\n\n - Fix html serialization error and htmlSetMetaEncoding (rhbz#1004513)", "cvss3": {}, "published": "2015-07-31T00:00:00", "type": "nessus", "title": "OracleVM 3.3 : libxml2 (OVMSA-2015-0097)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3660", "CVE-2015-1819"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:libxml2", "p-cpe:/a:oracle:vm:libxml2-python", "cpe:/o:oracle:vm_server:3.3"], "id": "ORACLEVM_OVMSA-2015-0097.NASL", "href": "https://www.tenable.com/plugins/nessus/85138", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2015-0097.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85138);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-3660\", \"CVE-2015-1819\");\n script_bugtraq_id(70644, 75570);\n\n script_name(english:\"OracleVM 3.3 : libxml2 (OVMSA-2015-0097)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Update doc/redhat.gif in tarball\n\n - Add libxml2-oracle-enterprise.patch and update logos in\n tarball\n\n - CVE-2015-1819 Enforce the reader to run in constant\n memory(rhbz#1214163)\n\n - Stop parsing on entities boundaries errors\n\n - Fix missing entities after CVE-2014-3660 fix\n (rhbz#1149086)\n\n - CVE-2014-3660 denial of service via recursive entity\n expansion (rhbz#1149086)\n\n - Fix html serialization error and htmlSetMetaEncoding\n (rhbz#1004513)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2015-July/000345.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml2 / libxml2-python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"libxml2-2.7.6-20.0.1.el6\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"libxml2-python-2.7.6-20.0.1.el6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-python\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T16:34:19", "description": "The mobile device is running a version of iOS prior to version 9.3. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - AppleUSBNetworking\n - FontParser\n - HTTPProtocol\n - IOHIDFamily\n - Kernel\n - LaunchServices\n - libxml2\n - Messages\n - Profiles\n - Security\n - TrueTypeScaler\n - WebKit\n - Wi-Fi", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2016-03-23T00:00:00", "type": "nessus", "title": "Apple iOS < 9.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242", "CVE-2015-8659", "CVE-2016-0801", "CVE-2016-0802", "CVE-2016-1734", "CVE-2016-1740", "CVE-2016-1748", "CVE-2016-1750", "CVE-2016-1751", "CVE-2016-1752", "CVE-2016-1753", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1756", "CVE-2016-1757", "CVE-2016-1758", "CVE-2016-1760", "CVE-2016-1761", "CVE-2016-1762", "CVE-2016-1763", "CVE-2016-1766", "CVE-2016-1775", "CVE-2016-1778", "CVE-2016-1779", "CVE-2016-1780", "CVE-2016-1781", "CVE-2016-1782", "CVE-2016-1783", "CVE-2016-1784", "CVE-2016-1785", "CVE-2016-1786", "CVE-2016-1788", "CVE-2016-1950"], "modified": "2022-11-30T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_93_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/90118", "sourceData": "Binary data apple_ios_93_check.nbin", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T16:37:15", "description": "The remote host is running a version of iOS that is prior to version 9.3 and the following components contain vulnerabilities :\n\n - AppleUSBNetworking\n - FontParser\n - HTTPProtocol\n - IOHIDFamily\n - Kernel\n - LaunchServices\n - libxml2\n - Messages\n - Profiles\n - Security\n - TrueTypeScaler\n - WebKit\n - Wi-Fi", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2016-05-26T00:00:00", "type": "nessus", "title": "Apple iOS < 9.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8242", "CVE-2015-8659", "CVE-2016-0801", "CVE-2016-0802", "CVE-2016-1734", "CVE-2016-1740", "CVE-2016-1748", "CVE-2016-1750", "CVE-2016-1751", "CVE-2016-1752", "CVE-2016-1753", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1756", "CVE-2016-1757", "CVE-2016-1758", "CVE-2016-1760", "CVE-2016-1761", "CVE-2016-1762", "CVE-2016-1763", "CVE-2016-1766", "CVE-2016-1775", "CVE-2016-1778", "CVE-2016-1779", "CVE-2016-1780", "CVE-2016-1781", "CVE-2016-1782", "CVE-2016-1783", "CVE-2016-1784", "CVE-2016-1785", "CVE-2016-1786", "CVE-2016-1788", "CVE-2016-1950"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "id": "9331.PRM", "href": "https://www.tenable.com/plugins/nnm/9331", "sourceData": "Binary data 9331.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T16:35:29", "description": "The remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.4. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - apache_mod_php\n - AppleRAID\n - AppleUSBNetworking\n - Bluetooth\n - Carbon\n - dyld\n - FontParser\n - HTTPProtocol\n - Intel Graphics Driver\n - IOFireWireFamily\n - IOGraphics\n - IOHIDFamily\n - IOUSBFamily\n - Kernel\n - libxml2\n - Messages\n - NVIDIA Graphics Drivers\n - OpenSSH\n - OpenSSL\n - Python\n - QuickTime\n - Reminders\n - Ruby\n - Security\n - Tcl\n - TrueTypeScaler\n - Wi-Fi\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2016-03-22T00:00:00", "type": "nessus", "title": "Mac OS X 10.11.x < 10.11.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9495", "CVE-2015-0973", "CVE-2015-1819", "CVE-2015-3195", "CVE-2015-5312", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7551", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8126", "CVE-2015-8242", "CVE-2015-8472", "CVE-2015-8659", "CVE-2016-0777", "CVE-2016-0778", "CVE-2016-0801", "CVE-2016-0802", "CVE-2016-1732", "CVE-2016-1733", "CVE-2016-1734", "CVE-2016-1735", "CVE-2016-1736", "CVE-2016-1737", "CVE-2016-1738", "CVE-2016-1740", "CVE-2016-1741", "CVE-2016-1743", "CVE-2016-1744", "CVE-2016-1745", "CVE-2016-1746", "CVE-2016-1747", "CVE-2016-1748", "CVE-2016-1749", "CVE-2016-1750", "CVE-2016-1752", "CVE-2016-1753", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1756", "CVE-2016-1757", "CVE-2016-1758", "CVE-2016-1759", "CVE-2016-1761", "CVE-2016-1762", "CVE-2016-1764", "CVE-2016-1767", "CVE-2016-1768", "CVE-2016-1769", "CVE-2016-1770", "CVE-2016-1773", "CVE-2016-1775", "CVE-2016-1788", "CVE-2016-1950"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_11_4.NASL", "href": "https://www.tenable.com/plugins/nessus/90096", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90096);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2014-9495\",\n \"CVE-2015-0973\",\n \"CVE-2015-1819\",\n \"CVE-2015-3195\",\n \"CVE-2015-5312\",\n \"CVE-2015-7499\",\n \"CVE-2015-7500\",\n \"CVE-2015-7551\",\n \"CVE-2015-7942\",\n \"CVE-2015-8035\",\n \"CVE-2015-8126\",\n \"CVE-2015-8242\",\n \"CVE-2015-8472\",\n \"CVE-2015-8659\",\n \"CVE-2016-0777\",\n \"CVE-2016-0778\",\n \"CVE-2016-0801\",\n \"CVE-2016-0802\",\n \"CVE-2016-1732\",\n \"CVE-2016-1733\",\n \"CVE-2016-1734\",\n \"CVE-2016-1735\",\n \"CVE-2016-1736\",\n \"CVE-2016-1737\",\n \"CVE-2016-1738\",\n \"CVE-2016-1740\",\n \"CVE-2016-1741\",\n \"CVE-2016-1743\",\n \"CVE-2016-1744\",\n \"CVE-2016-1745\",\n \"CVE-2016-1746\",\n \"CVE-2016-1747\",\n \"CVE-2016-1748\",\n \"CVE-2016-1749\",\n \"CVE-2016-1750\",\n \"CVE-2016-1752\",\n \"CVE-2016-1753\",\n \"CVE-2016-1754\",\n \"CVE-2016-1755\",\n \"CVE-2016-1756\",\n \"CVE-2016-1757\",\n \"CVE-2016-1758\",\n \"CVE-2016-1759\",\n \"CVE-2016-1761\",\n \"CVE-2016-1762\",\n \"CVE-2016-1764\",\n \"CVE-2016-1767\",\n \"CVE-2016-1768\",\n \"CVE-2016-1769\",\n \"CVE-2016-1770\",\n \"CVE-2016-1773\",\n \"CVE-2016-1775\",\n \"CVE-2016-1788\",\n \"CVE-2016-1950\"\n );\n script_bugtraq_id(\n 71820,\n 71994,\n 75570,\n 77390,\n 77568,\n 77681,\n 78624,\n 78626,\n 79507,\n 79509,\n 79536,\n 79562,\n 80438,\n 80695,\n 80698\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2016-03-21-5\");\n\n script_name(english:\"Mac OS X 10.11.x < 10.11.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Mac OS X.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X that is 10.11.x prior\nto 10.11.4. It is, therefore, affected by multiple vulnerabilities in\nthe following components :\n\n - apache_mod_php\n - AppleRAID\n - AppleUSBNetworking\n - Bluetooth\n - Carbon\n - dyld\n - FontParser\n - HTTPProtocol\n - Intel Graphics Driver\n - IOFireWireFamily\n - IOGraphics\n - IOHIDFamily\n - IOUSBFamily\n - Kernel\n - libxml2\n - Messages\n - NVIDIA Graphics Drivers\n - OpenSSH\n - OpenSSL\n - Python\n - QuickTime\n - Reminders\n - Ruby\n - Security\n - Tcl\n - TrueTypeScaler\n - Wi-Fi\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT206167\");\n # http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6c87f79a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mac OS X version 10.11.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1761\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os)\n audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70)\n exit(1, \"Cannot determine the host's OS with sufficient confidence.\");\n}\nif (!os)\n audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nmatch = eregmatch(pattern:\"Mac OS X ([0-9]+(\\.[0-9]+)+)\", string:os);\nif (isnull(match)) exit(1, \"Failed to parse the Mac OS X version ('\" + os + \"').\");\n\nversion = match[1];\n\nif (\n version !~ \"^10\\.11([^0-9]|$)\"\n) audit(AUDIT_OS_NOT, \"Mac OS X 10.11 or later\", \"Mac OS X \"+version);\n\nfix = \"10.11.4\";\nif (ver_compare(ver:version, fix:fix, strict:FALSE) == -1)\n{\n items = make_array(\"Installed version\", version,\n \"Fixed version\", fix\n );\n order = make_list(\"Installed version\", \"Fixed version\");\n report = report_items_str(report_items:items, ordered_fields:order);\n\n security_report_v4(port:0, extra:report, severity:SECURITY_HOLE);\n exit(0);\n\n }\nelse\n audit(AUDIT_INST_VER_NOT_VULN, \"Mac OS X\", version);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T16:37:15", "description": "The remote host is running a version of Mac OS X version 10.11.x prior to 10.11.4 and is affected by multiple vulnerabilities in the following components :\n\n - apache_mod_php\n - AppleRAID\n - AppleUSBNetworking\n - Bluetooth\n - Carbon\n - dyld\n - FontParser\n - HTTPProtocol\n - Intel Graphics Driver\n - IOFireWireFamily\n - IOGraphics\n - IOHIDFamily\n - IOUSBFamily\n - Kernel\n - libxml2\n - Messages\n - NVIDIA Graphics Drivers\n - OpenSSH\n - OpenSSL\n - Python\n - QuickTime\n - Reminders\n - Ruby\n - Security\n - Tcl\n - TrueTypeScaler\n - Wi-Fi\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2016-05-27T00:00:00", "type": "nessus", "title": "Mac OS X 10.11.x < 10.11.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9495", "CVE-2015-0973", "CVE-2015-1819", "CVE-2015-3195", "CVE-2015-5312", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7551", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8126", "CVE-2015-8242", "CVE-2015-8472", "CVE-2015-8659", "CVE-2016-0777", "CVE-2016-0778", "CVE-2016-0801", "CVE-2016-0802", "CVE-2016-1732", "CVE-2016-1733", "CVE-2016-1734", "CVE-2016-1735", "CVE-2016-1736", "CVE-2016-1737", "CVE-2016-1738", "CVE-2016-1740", "CVE-2016-1741", "CVE-2016-1743", "CVE-2016-1744", "CVE-2016-1745", "CVE-2016-1746", "CVE-2016-1747", "CVE-2016-1748", "CVE-2016-1749", "CVE-2016-1750", "CVE-2016-1752", "CVE-2016-1753", "CVE-2016-1754", "CVE-2016-1755", "CVE-2016-1756", "CVE-2016-1757", "CVE-2016-1758", "CVE-2016-1759", "CVE-2016-1761", "CVE-2016-1762", "CVE-2016-1764", "CVE-2016-1767", "CVE-2016-1768", "CVE-2016-1769", "CVE-2016-1770", "CVE-2016-1773", "CVE-2016-1775", "CVE-2016-1788", "CVE-2016-1950"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "9327.PRM", "href": "https://www.tenable.com/plugins/nnm/9327", "sourceData": "Binary data 9327.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-17T14:22:38", "description": "The version of iOS running on the mobile device is prior to 9.3.3. It is, therefore, affected by multiple vulnerabilities, the most serious of which can result in remote code execution, in the following components :\n\n - Calendar\n - CoreGraphics\n - FaceTime\n - ImageIO\n - IOAcceleratorFamily\n - IOHIDFamily\n - Kernel\n - libxml2\n - libxslt\n - Safari\n - Sandbox Profiles\n - Siri Contacts\n - Web Media\n - WebKit\n - WebKit JavaScript Bindings\n - WebKit Page Loading", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-07-19T00:00:00", "type": "nessus", "title": "Apple iOS < 9.3.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8317", "CVE-2016-1683", "CVE-2016-1684", "CVE-2016-1836", "CVE-2016-1863", "CVE-2016-1864", "CVE-2016-1865", "CVE-2016-4447", "CVE-2016-4448", "CVE-2016-4449", "CVE-2016-4483", "CVE-2016-4582", "CVE-2016-4583", "CVE-2016-4584", "CVE-2016-4585", "CVE-2016-4587", "CVE-2016-4589", "CVE-2016-4590", "CVE-2016-4591", "CVE-2016-4592", "CVE-2016-4593", "CVE-2016-4594", "CVE-2016-4603", "CVE-2016-4604", "CVE-2016-4605", "CVE-2016-4607", "CVE-2016-4608", "CVE-2016-4609", "CVE-2016-4610", "CVE-2016-4612", "CVE-2016-4614", "CVE-2016-4615", "CVE-2016-4616", "CVE-2016-4619", "CVE-2016-4622", "CVE-2016-4623", "CVE-2016-4624", "CVE-2016-4626", "CVE-2016-4627", "CVE-2016-4628", "CVE-2016-4631", "CVE-2016-4632", "CVE-2016-4635", "CVE-2016-4637", "CVE-2016-4642", "CVE-2016-4643", "CVE-2016-4644", "CVE-2016-4651", "CVE-2016-4653", "CVE-2016-6559", "CVE-2016-7576", "CVE-2016-7705"], "modified": "2022-11-30T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_933_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/92359", "sourceData": "Binary data apple_ios_933_check.nbin", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ibm": [{"lastseen": "2022-06-28T22:00:52", "description": "## Summary\n\nPowerKVM is affected by several vulnerabilities in libxml2. These vulnerabilities are now fixed.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2015-5312_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to an entity expansion flaw has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108319_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108319>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7497_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlDictComputeFastQKey() function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108320_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108320>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7498_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to the processing of entities after encoding conversion failures have occured has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108321_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108321>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7499_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to some parser errors has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108322_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108322>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7500_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a memory access error when handling invalid entity boundaries. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108323_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108323>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7941_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseEntityDecl or xmlParseConditionalSections function. By using specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108071_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108071>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7942_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseConditionalSections function. By using specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108073_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108073>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-8241_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241>)** \nDESCRIPTION:** libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8242_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242>)** \nDESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the HTML parser in push mode in xmlSAX2TextNode. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108170_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108170>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8317_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the xmlParseXMLDecl function. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108316_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108316>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nPowerKVM 2.1 and PowerKVM 3.1\n\n## Remediation/Fixes\n\nCustomers can update PowerKVM systems by using \"yum update\". \n \nFix images are made available via Fix Central. For version 3.1, see [_https://ibm.biz/BdHggw_](<https://ibm.biz/BdHggw>) for 3.1 service build 3 or later. \n \nFor version 2.1, the fix is made available via Fix Central ([_https://ibm.biz/BdEnT8_](<https://ibm.biz/BdEnT8>)) in 2.1.1 Build 65.6 and all later 2.1.1 SP3 service builds and 2.1.1 service packs. Customers running v2.1 are, in any case, encouraged to upgrade to v3.1. \n \nFor v2.1 systems currently running fix levels of PowerKVM prior to 2.1.1, please see <http://download4.boulder.ibm.com/sar/CMA/OSA/05e4c/0/README> for prerequisite fixes and instructions.\n\n## Workarounds and Mitigations\n\nv2.1 customers can work around the problem by upgrading to the fixed release of v3.1\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n29 January 2016 - Initial Version\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSZJY4\",\"label\":\"PowerKVM\"},\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"2.1;3.1\",\"Edition\":\"KVM\",\"Line of Business\":{\"code\":\"LOB08\",\"label\":\"Cognitive Systems\"}}]", "cvss3": {}, "published": "2018-06-18T01:30:43", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in libxml2 affect PowerKVM", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2018-06-18T01:30:43", "id": "6082EF9EEC65FC8C759FD4BD5D61B617F34A710731C703A12F4C0E537B571626", "href": "https://www.ibm.com/support/pages/node/682177", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-28T21:59:40", "description": "## Summary\n\nThe Libxml2 library is a development toolbox providing the implementation of various XML standards. Multiple vulnerabilities have been discovered in Libxml2 used with IBM Security Network Protection.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-5312_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to an entity expansion flaw has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108319_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108319>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n\n**CVEID:** [_CVE-2015-7497_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlDictComputeFastQKey() function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108320_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108320>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7498_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to the processing of entities after encoding conversion failures have occured has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108321_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108321>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7499_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to some parser errors has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108322_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108322>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7500_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a memory access error when handling invalid entity boundaries. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108323_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108323>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7941_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseEntityDecl or xmlParseConditionalSections function. By using specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108071_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108071>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7942_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseConditionalSections function. By using specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108073_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108073>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-8241_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241>)** \nDESCRIPTION:** libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8242_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242>)** \nDESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the HTML parser in push mode in xmlSAX2TextNode. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108170_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108170>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8317_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the xmlParseXMLDecl function. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108316_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108316>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nIBM Security Network Protection 5.3.1 \nIBM Security Network Protection 5.3.2\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Network Protection| Firmware version 5.3.1| Download Firmware 5.3.1.8 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \nIBM Security Network Protection| Firmware version 5.3.2| Download Firmware 5.3.2.2 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n11 March 2016: Original Version Published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSHLHV\",\"label\":\"IBM Security Network Protection\"},\"Business Unit\":{\"code\":\"BU008\",\"label\":\"Security\"},\"Component\":\"Documentation\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"5.3.1;5.3.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {}, "published": "2018-06-16T21:39:19", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Libxml2 affect IBM Security Network Protection", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2018-06-16T21:39:19", "id": "17516BE1FEE8576600E7288D935EC0669C18FADD0D7BDD7B213E021E851E7F7D", "href": "https://www.ibm.com/support/pages/node/539731", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-10-01T01:53:05", "description": "## Summary\n\nIBM DataPower Gateways has addressed vulnerabilities in processing certain XML files that could cause a denial of service. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-5312_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to an entity expansion flaw has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108319_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108319>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n\n**CVEID:** [_CVE-2015-7497_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlDictComputeFastQKey() function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108320_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108320>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7498_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to the processing of entities after encoding conversion failures have occured has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108321_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108321>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7499_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to some parser errors has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108322_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108322>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7500_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a memory access error when handling invalid entity boundaries. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108323_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108323>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7941_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseEntityDecl or xmlParseConditionalSections function. By using specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108071_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108071>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7942_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseConditionalSections function. By using specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108073_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108073>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-8241_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241>)** \nDESCRIPTION:** libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8242_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242>)** \nDESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the HTML parser in push mode in xmlSAX2TextNode. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108170_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108170>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8317_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the xmlParseXMLDecl function. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108316_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108316>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nIBM DataPower Gateway appliances versions 7.2.0.0 to 7.2.0.5 \n\n## Remediation/Fixes\n\nFix is available in versions 7.2.0.6. Refer to [APAR IT15089](<http://www-01.ibm.com/support/docview.wss?uid=swg1IT15089>) for URLs to download the fix. \n \nYou should verify applying this fix does not cause any compatibility issues. \n\n\n_For DataPower customers using versions 6.x and earlier versions, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n5/20/2016 Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n[{\"Product\":{\"code\":\"SS9H2Y\",\"label\":\"IBM DataPower Gateway\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud &amp; Data Platform\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"7.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2021-06-08T22:18:27", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in XML processing affect IBM DataPower Gateways", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2021-06-08T22:18:27", "id": "8F1916DF16BCE9B41284F1A9B9374A7B3967DF92C2D2FD403A184D97F5FAEAC1", "href": "https://www.ibm.com/support/pages/node/278271", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-28T22:09:02", "description": "## Summary\n\nIdentity Insight 8.1 product is affected by multiple libXML2 vulnerabilities (CVE-2015-7941 CVE-2015-7942 CVE-2015-8035 CVE-2015-8241 CVE-2015-8242 CVE-2015-1819 CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-8317).\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-7941_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseEntityDecl or xmlParseConditionalSections function. By using a specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108071_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108071>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2015-7942_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseConditionalSections function. By using a specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108073_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108073>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-8035_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035>)** \nDESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by an error when xz support is enabled. By using a specially-crafted xml file, an local attacker could exploit this vulnerability to cause the software to crash. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107845_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107845>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-8241_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241>)** \nDESCRIPTION:** libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8242_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242>)** \nDESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the HTML parser in push mode in xmlSAX2TextNode. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108170_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108170>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-1819_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n**CVEID:** [_CVE-2015-5312_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to an entity expansion flaw has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108319_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108319>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n\n**CVEID:** [_CVE-2015-7497_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlDictComputeFastQKey() function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108320_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108320>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7498_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to the processing of entities after encoding conversion failures have occured has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108321_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108321>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7499_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to some parser errors has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108322_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108322>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7500_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a memory access error when handling invalid entity boundaries. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108323_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108323>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n**CVEID:** [_CVE-2015-8317_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the xmlParseXMLDecl function. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108316_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108316>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n## Affected Products and Versions\n\nIdentity Insight 8.1\n\n## Remediation/Fixes\n\nDownload and apply isii_8.1.0.4_ifix003 from [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Identity+Insight&release=All&platform=All&function=all>).\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n11 February 2016: Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SS2HSB\",\"label\":\"InfoSphere Identity Insight\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"8.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {}, "published": "2018-06-16T13:38:33", "type": "ibm", "title": "Security Bulletin: OpenSource libXML2 Vulnerabilities affect Identity Insight 8.1", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2018-06-16T13:38:33", "id": "D4D9239D39380DAAAF0663AA50B7560152F0E3980E2EE27DD40046B16E4D33B3", "href": "https://www.ibm.com/support/pages/node/540751", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-28T22:08:51", "description": "## Summary\n\nA set of Libxml2 vulnerabilities were disclosed by the Libxml2 Project. Libxml2 is used by Rational Systems Tester. Rational Systems Tester has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-7941_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941>)** \nDESCRIPTION:** Libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by improper validation when processing XML files. By using a specially-crafted XML file, an attacker could exploit this vulnerability to cause an out of bounds read error allowing the attacker to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108071_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108071>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2015-7942_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942>)** \nDESCRIPTION:** Libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by improper validation when processing XML files. By using a specially-crafted XML file, an attacker could exploit this vulnerability to cause an out of bounds read error allowing the attacker to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108073_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108073>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2015-8035_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035>)** \nDESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by an error when xz support is enabled. By using a specially-crafted xml file, an local attacker could exploit this vulnerability to cause the software to crash. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107845_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107845>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-8241_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241>)** \nDESCRIPTION:** libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8242_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242>)** \nDESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the HTML parser in push mode in xmlSAX2TextNode. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108170_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108170>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-1819_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n**CVEID:** [_CVE-2015-8317_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the xmlParseXMLDecl function. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108316_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108316>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID:** [_CVE-2015-5312_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to an entity expansion flaw has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108319_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108319>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n\n**CVEID:** [_CVE-2015-7497_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlDictComputeFastQKey() function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108320_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108320>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7498_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to the processing of entities after encoding conversion failures have occured has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108321_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108321>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7499_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to some parser errors has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108322_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108322>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7500_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a memory access error when handling invalid entity boundaries. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108323_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108323>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nRational Systems Tester versions 3.3, 3.3.0.1, 3.3.0.2, 3.3.0.3, 3.3.0.4, 3.3.0.5, 3.3.0.6, 3.3.0.7, 3.3.0.7 Interim Fix 1, 3.3.0.7 Interim Fix 2\n\n## Remediation/Fixes\n\nUpgrade to Rational Systems Tester Interim Fix 3 for 3.3.0.7. \n[Rational Systems Tester (3.3.0.7.iFix3, Windows)](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Rational/Rational+Systems+Tester&release=3.3.0.7&platform=Windows&function=all>) \n[Rational Systems Tester (3.3.0.7.iFix3, Linux)](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Rational/Rational+Systems+Tester&release=3.3.0.7&platform=Linux&function=all>)\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n25 December 2015: Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Internal Use Only\n\nAdvisory # 4327 Record # 66209\n\n[{\"Product\":{\"code\":\"SSYQJP\",\"label\":\"Rational Systems Tester\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud &amp; Data Platform\"},\"Component\":\"Documentation\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"3.3;3.3.0.1;3.3.0.2;3.3.0.3;3.3.0.4;3.3.0.5;3.3.0.6\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2018-06-17T05:07:59", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Libxml2 affect Rational Systems Tester", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"], "modified": "2018-06-17T05:07:59", "id": "DAE66C3F24DC9C9F32A4918C846A8F515A6E526CE6B4F5F2BBF09EFE18B62398", "href": "https://www.ibm.com/support/pages/node/274269", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-28T21:58:52", "description": "## Summary\n\nMultiple security vulnerabilities have been discovered in libxml2 that is embedded in the IBM FSM. This bulletin addresses these vulnerabilities.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2015-5312_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to an entity expansion flaw has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108319_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108319>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7497_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlDictComputeFastQKey() function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108320_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108320>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7498_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to the processing of entities after encoding conversion failures have occured has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108321_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108321>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7499_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to some parser errors has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108322_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108322>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7500_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a memory access error when handling invalid entity boundaries. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108323_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108323>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7941_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseEntityDecl or xmlParseConditionalSections function. By using specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108071_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108071>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7942_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseConditionalSections function. By using specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108073_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108073>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-8241_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241>)** \nDESCRIPTION:** libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8242_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242>)** \nDESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the HTML parser in push mode in xmlSAX2TextNode. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108170_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108170>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8317_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the xmlParseXMLDecl function. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108316_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108316>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8710_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by an out-of-bounds memory access when parsing an unclosed HTML comment. By not closing out an HTML comment, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/110076_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110076>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nFlex System Manager 1.3.4.x \nFlex System Manager 1.3.3.x \nFlex System Manager 1.3.2.x\n\n## Remediation/Fixes\n\nIBM recommends updating the FSM using the instructions referenced in this table. \n \n\n\nProduct | \n\nVRMF | \n\nAPAR | \n\nRemediation \n---|---|---|--- \nFlex System Manager| \n\n1.3.4.x | \n\nIT15534\n\n| Verify that Java updates have been installed, then install [fsmfix1.3.4.0_IT15533_IT15534_IT15535_IT15536_IT16023](<https://www-945.ibm.com/support/fixcentral/systemx/selectFixes?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.4.0_IT15533_IT15534_IT15535_IT15536_IT16023&function=fixId&parent=Flex%20System%20Manager%20Node>). \n \nInstructions for installing and verifying java updates can be found in Technote [761981453](<http://www-01.ibm.com/support/docview.wss?uid=nas777e5323a516f40f286257f03006ae4b5>) \nFlex System Manager| \n\n1.3.3.x | \n\nIT15534\n\n| Verify that Java updates have been installed, then install[ fsmfix1.3.3.0_IT15533_IT15534_IT15535_IT15536_IT16023](<https://www-945.ibm.com/support/fixcentral/systemx/selectFixes?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.3.0_IT15533_IT15534_IT15535_IT15536_IT16023&function=fixId&parent=Flex%20System%20Manager%20Node>). \n \nInstructions for installing and verifying java updates can be found in Technote [736218441](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=nas724cb521f58c4126286257dfd005c1958>) \nFlex System Manager| \n\n1.3.2.x | \n\nIT15534\n\n| Verify that Java updates have been installed, then install[ fsmfix1.3.2.0_IT15533_IT15534_IT15535_IT15536_IT16023](<https://www-945.ibm.com/support/fixcentral/systemx/selectFixes?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.2.0_IT15533_IT15534_IT15535_IT15536_IT16023&function=fixId&parent=Flex%20System%20Manager%20Node>). \n \nInstructions for installing and verifying java updates can be found in Technote [736218441](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=nas724cb521f58c4126286257dfd005c1958>) \nFor 1.1.x.x, 1.2.x.x, 1.3.0.x and 1.3.1.x IBM recommends upgrading to a fixed, supported version/release of the product. \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables MD5 signature hash by default. IBM recommends that you review your entire environment to identify other areas where you have enabled the MD5 signature hash and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n18 July 2016 : Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Internal Use Only\n\nAdvisory 4690, PSIRT 70450\n\n[{\"Product\":{\"code\":\"HW94A\",\"label\":\"Flex System Manager Node\"},\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"Version Independent\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-18T01:32:48", "type": "ibm", "title": "Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple liblxm2 vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317", "CVE-2015-8710"], "modified": "2018-06-18T01:32:48", "id": "4EB6375AC60D18EF5D589BC88A70CB0698048440611BD71DE666FEA37A17ED94", "href": "https://www.ibm.com/support/pages/node/629235", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-09-26T13:49:15", "description": "## Summary\n\nMultiple vulnerabilities in libpng and libxml affect Rational DOORS\n\n## Vulnerability Details\n\n**CVE-ID**: [CVE-2015-1819](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>) \n**Description**: Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \n**CVSS Base Score**: 5.300 \n**CVSS Temporal Score (X-Force Link)**: <https://exchange.xforce.ibmcloud.com/vulnerabilities/107272> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVE-ID**: [CVE-2015-7941](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941>) \n**Description**: Libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by improper validation when processing XML files. By using a specially-crafted XML file, an attacker could exploit this vulnerability to cause an out of bounds read error allowing the attacker to execute arbitrary code on the system. \n**CVSS Base Score**: 9.800 \n**CVSS Temporal Score (X-Force Link)**: <https://exchange.xforce.ibmcloud.com/vulnerabilities/108071> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVE-ID**: [CVE-2015-7942](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942>) \n**Description**: Libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by improper validation when processing XML files. By using a specially-crafted XML file, an attacker could exploit this vulnerability to cause an out of bounds read error allowing the attacker to execute arbitrary code on the system. \n**CVSS Base Score**: 9.800 \n**CVSS Temporal Score (X-Force Link)**: <https://exchange.xforce.ibmcloud.com/vulnerabilities/108073> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVE-ID**: [CVE-2015-8035](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035>) \nDescription: libxml2 is vulnerable to a denial of service, caused by an error when xz support is enabled. By using a specially-crafted xml file, an local attacker could exploit this vulnerability to cause the software to crash. \n**CVSS Base Score**: 4.000 \n**CVSS Temporal Score (X-Force Link)**: <https://exchange.xforce.ibmcloud.com/vulnerabilities/107845> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVE-ID**: [CVE-2015-8241](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241>) \nDescription: libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \n**CVSS Base Score**: 5.900 \n**CVSS Temporal Score (X-Force Link)**: <https://exchange.xforce.ibmcloud.com/vulnerabilities/108169> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVE-ID**: [CVE-2015-8242](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242>) \n**Description**: libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the HTML parser in push mode in xmlSAX2TextNode. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \n**CVSS Base Score**: 5.900 \n**CVSS Temporal Score (X-Force Link)**: <https://exchange.xforce.ibmcloud.com/vulnerabilities/108170> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n** \nCVE-ID**: [CVE-2015-5312](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312>)** \nDescription**: An unspecified error in Libxml2 related to an entity expansion flaw has an unknown impact and attack vector.** \nCVSS Base Score**: 5.300** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108319_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108319>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)** \n \nCVE-ID**: [CVE-2015-7497](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497>)** \nDescription**: Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlDictComputeFastQKey() function. A remote attacker could exploit this vulnerability to cause a denial of service.** \nCVSS Base Score**: 5.300** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108320_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108320>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)** \n \nCVE-ID**: [CVE-2015-7498](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498>)** \nDescription**: An unspecified error in Libxml2 related to the processing of entities after encoding conversion failures have occured has an unknown impact and attack vector.** \nCVSS Base Score**: 5.300** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108321_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108321>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)** \n \nCVE-ID**: [CVE-2015-7499](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499>)** \nDescription**: An unspecified error in Libxml2 related to some parser errors has an unknown impact and attack vector.** \nCVSS Base Score**: 5.300** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108322_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108322>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)** \n \nCVE-ID**: [CVE-2015-7500](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500>)** \nDescription**: Libxml2 is vulnerable to a denial of service, caused by a memory access error when handling invalid entity boundaries. A remote attacker could exploit this vulnerability to cause a denial of service.** \nCVSS Base Score**: 5.300** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108323_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108323>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n**CVE-ID**: [CVE-2015-8317](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317>)** \nDescription**: libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the xmlParseXMLDecl function. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.** \nCVSS Base Score**: 5.900** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108316_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108316>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVE-ID**: [CVE-2015-8710](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710>)** \nDescription**: Libxml2 is vulnerable to a denial of service, caused by an out-of-bounds memory access when parsing an unclosed HTML comment. By using the \"\"&lt;!--\"\" HTML comment without close, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash.** \nCVSS Base Score**: 5.300** \nCVSS Temporal Score (X-Force Link)**: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/110076_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110076>) for the current score \n**CVSS Environmental Score***: Undefined ** \nCVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [_CVE-2016-2073_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by an out-of-bounds read in the htmlParseNameComplex() function. By persuading a victim to open a specially crafted XML file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \n**CVSS Base Score:** 6.3 \n**CVSS Temporal Score:** See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/110307_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110307>) for the current score \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector:** (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n\n## Affected Products and Versions\n\nRational DOORS: 9.6.0.0 - 9.6.0.3, 9.6.1.0 - 9.6.1.4 \n \nThe following Rational DOORS components are affected: \n\n * Rational DOORS desktop client\n * Rational DOORS database server\n * Rational DOORS interoperation server\n\n## Remediation/Fixes\n\nUpgrade to the fix pack that corresponds to the version of Rational DOORS that you are running, as shown in the following table. Upgrade the Rational DOORS client, the Rational DOORS database server, and the Rational DOORS interoperation server. \nYou should verify applying this fix does not cause any compatibility issues. \n \n\n\n**Rational DOORS version**| **Upgrade to fix pack** \n---|--- \n9.6.0 \n9.6.0.1 - 9.6.0.4| [9.6.0.5](<http://www.ibm.com/support/docview.wss?uid=swg24041347>) \n9.6.1 \n9.6.1.1 - 9.6.1.4| [9.6.1.5](<http://www.ibm.com/support/docview.wss?uid=swg24041346>) \n \n_For Rational DOORS version 9.2.x and earlier, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\nIf you are using Rational DOORS Web Access, after you upgrade _but before you start the Rational DOORS Web Access server_, edit the core configuration file and set the required version of the interoperation server to the version of the fix pack upgrade, as described in this procedure.\n\n**Procedure:**\n\n 1. To edit the Rational DOORS Web Access core configuration file, open the `festival.xml` file, which is in the `server\\festival\\config` directory. \n \n\n 2. Add the following line in the `<f:properties>` section: \n \n`` \n``&lt;**f:property name=\"interop.version\" value=\"9.n.n.n\"** /&gt;` \n`` \n \n`Replace \"`9.n.n.n`\" with the version of the fix pack upgrade: 9.6.0.5 or 9.6.1.5. \n \n\n 3. Save and close the file. \n \n\n\nAfter this revision, only the specified version of the interoperation server can access the Rational DOORS database. \n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\nNone\n\n## Change History\n\n* 11 February 2016: Original copy published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSKR2T\",\"label\":\"IBM Engineering Requirements Management DOORS\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Configuration\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"9.6;9.6.0.1;9.6.0.2;9.6.0.3;9.6.1;9.6.1.1;9.6.1.2;9.6.1.3;9.6.1.4\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB59\",\"label\":\"Sustainability Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-05-01T08:19:24", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in libpng and libxml affect Rational DOORS", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317", "CVE-2015-8710", "CVE-2016-2073"], "modified": "2020-05-01T08:19:24", "id": "D911317A5AB78973EC0BCDD274D56A8146D89345FD34F13DAEEC08B6503FEAE0", "href": "https://www.ibm.com/support/pages/node/273049", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-28T22:01:50", "description": "## Summary\n\nThere are multiple security vulnerabilities in various components used by IBM Security Identity Manager Virtual Appliance\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2016-0402_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402>)** \nDESCRIPTION:** An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/109947_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/109947>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n\n**CVEID:** [_CVE-2016-0448_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448>)** \nDESCRIPTION:** An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the JMX component could allow a remote attacker to obtain sensitive information resulting in a partial confidentiality impact using unknown attack vectors. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/109949_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/109949>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:S/C:P/I:N/A:N)\n\n \n**CVEID:** [_CVE-2015-4872_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872>)** \nDESCRIPTION:** An unspecified vulnerability in Oracle Java SE and JRockit related to the Security component has no confidentiality impact, partial integrity impact, and no availability impact. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107361_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107361>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n \n \n**CVEID:** [_CVE-2015-3195_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a memory leak in a malformed X509_ATTRIBUTE structure. An attacker could exploit this vulnerability to obtain CMS data and other sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108504_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108504>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [_CVE-2015-3196_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a race condition when PSK identity hints are received by a multi-threaded client and the SSL_CTX structure is updated with the incorrect value. An attacker could exploit this vulnerability to possibly corrupt memory and cause a denial of service. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108505_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108505>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n**CVEID:** [_CVE-2015-5312_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to an entity expansion flaw has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108319_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108319>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n\n**CVEID:** [_CVE-2015-7497_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlDictComputeFastQKey() function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108320_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108320>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7498_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to the processing of entities after encoding conversion failures have occured has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108321_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108321>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7499_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499>)** \nDESCRIPTION:** An unspecified error in Libxml2 related to some parser errors has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108322_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108322>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2015-7500_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a memory access error when handling invalid entity boundaries. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108323_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108323>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7941_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseEntityDecl or xmlParseConditionalSections function. By using specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108071_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108071>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-7942_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942>)** \nDESCRIPTION:** Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseConditionalSections function. By using specially-crafted XML data, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108073_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108073>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2015-8241_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241>)** \nDESCRIPTION:** libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the XML parser in xmlNextChar. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8242_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242>)** \nDESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the HTML parser in push mode in xmlSAX2TextNode. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108170_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108170>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2015-8317_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the xmlParseXMLDecl function. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/108316_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108316>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nIBM Security Identity Manager Virtual Appliance versions 7.0.0.0, 7.0.0.1, 7.0.0.2, 7.0.0.3, 7.0.1\n\n## Remediation/Fixes\n\nEnsure that the version listed below is installed on the system. \n\nProduct Version| Fix level \n---|--- \nIBM Security Identity Manager (ISIM) Virtual Appliance releases 7.0.0.0, 7.0.0.1, 7.0.0.2, 7.0.0.3, 7.0.1| If current release version is 7.0.0.0, 7.0.0.1, 7.0.0.2 or 7.0.0.3, apply: \nIBM Security Identity Manager (ISIM) 7.0.1 release [7.0.1-ISS-SIM-FP0000](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Identity+Manager&release=7.0.1&platform=All&function=all>) \n \nthen apply: \nIBM Security Identity Manager (ISIM) [7.0.1.0-ISS-SIM-IF0002](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Identity+Manager&release=7.0.1.0&platform=All&function=all>) \n \nNote: 7.0.1.0-ISS-SIM-IF0002 contains the content of 7.0.1.0-ISS-SIM-IF0001. It is not required to install both interim fixes. \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n2016/03/30: Initial Draft\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSRMWJ\",\"label\":\"IBM Security Identity Manager\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Identity Manager Virtual Appliance\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"7.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-16T21:40:57", "type": "ibm", "title": "Security Bulletin: Fixes for Multiple Security Vulnerabilities in IBM Security Identity Manager Virtual Appliance available", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3195", "CVE-2015-3196", "CVE-2015-4872", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317", "CVE-2016-0402", "CVE-2016-0448"], "modified": "2018-06-16T21:40:57", "id": "AACF6F6443D6B1F43A3B1EB2158C0974A7E3740F82735809A14DB68D406E34ED", "href": "https://www.ibm.com/support/pages/node/546727", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-28T21:58:05", "description": "## Summary\n\nLibxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the xmlParseXMLDecl function. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-8317](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the xmlParseXMLDecl function. By using a malformed XML file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/108316> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n## Affected Products and Versions\n\nIBM Security Guardium 10\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nIBM Security Guardium _ _| _10 _| _PSIRT 66911 _| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&amp;product=ibm/Information+Management/InfoSphere+Guardium&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=SqlGuard_10.0p6019_SecurityUpdate&amp;includeSupersedes=0&amp;source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p6019_SecurityUpdate&includeSupersedes=0&source=fc>) \n \n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSMPHH\",\"label\":\"IBM Security Guardium\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"10.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {}, "published": "2018-06-16T21:40:07", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by the OpenSource libxml2 vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8317"], "modified": "2018-06-16T21:40:07", "id": "D0A0F46532042E5EFF0B318CEB20930919394C41E25AF5EF8781A9600DF06A94", "href": "https://www.ibm.com/support/pages/node/543627", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:10:48", "description": "## Summary\n\nIBM Security Access Manager for Web is affected by a denial of service vulnerability in libxml2. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n## Affected Products and Versions\n\nIBM Security Access Manager for Web 7.0 appliances, all firmware versions \nIBM Security Access Manager for Web 8.0 appliances, all firmware versions \nIBM Security Access Manager 9.0 appliances, all firmware versions\n\n## Remediation/Fixes\n\nThe table below provides links to patches for all affected versions. Follow the installation instructions in the README file included with the patch. \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Security Access Manager for Web| 7.0 - 7.0.0.20 (appliances)| IV80986| 1\\. Apply Interim Fix 21: \n[_7.0.0-ISS-WGA-IF0021_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0&platform=All&function=all>) \nIBM Security Access Manager for Web| 8.0 - 8.0.1.3| IV80971| 1\\. For 8.0-8.0.1.2 environments, upgrade to 8.0.1.3: \n[8.0.1-ISS-WGA-FP0003](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0&platform=All&function=all>)** ** \n2\\. Apply 8.0.1.3 Interim Fix 4:[_8.0.1.3-ISS-WGA-IF0004_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0.1.3&platform=All&function=all>) \nIBM Security Access Manager| 9.0 - 9.0.0.1| IV80971| 1\\. For 9.0 environments, upgrade to 9.0.0.1: \n[9.0.0-ISS-ISAM-FP0001](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=Linux&function=all>) \n2\\. Apply 9.0.0.1 Interim Fix 1: \n[_9.0.0.1-ISS-ISAM-IF0001_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=All&function=all>) \n \n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\nFebruary 1, 2016: Original version published.\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSPREK\",\"label\":\"Tivoli Access Manager for e-business\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF004\",\"label\":\"Appliance\"}],\"Version\":\"7.0;8.0;8.0.0.2;8.0.0.4;8.0.0.5;8.0.1;8.0.1.2;8.0.1.3;9.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {}, "published": "2018-06-16T21:39:02", "type": "ibm", "title": "Security Bulletin: A libxml vulnerability affects IBM Security Access Manager for Web (CVE-2015-1819)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2018-06-16T21:39:02", "id": "89257A9062FB5478B817FD1D0B21510D31D1A39427F3EFCD4545A41253582842", "href": "https://www.ibm.com/support/pages/node/539043", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-28T22:05:25", "description": "## Summary\n\nThe Libxml library is a development toolbox providing the implementation of various XML standards. A security vulnerability has been discovered in Libxml used with IBM Security Network Protection.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n## Affected Products and Versions\n\nIBM Security Network Protection 5.2 \nIBM Security Network Protection 5.3\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Network Protection | Firmware version 5.2| Download 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0013 from [_IBM Fix Central_](<http://www-933.ibm.com/support/fixcentral/>) and upload and install via the Fix Packs page of the Local Management Interface. \nIBM Security Network Protection| Firmware version 5.3| Download Firmware 5.3.1.6 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \nIBM Security Network Protection| Firmware version 5.3| Install Firmware 5.3.2 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector. \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n01 November 2015: Original Version Published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSHLHV\",\"label\":\"IBM Security Network Protection\"},\"Business Unit\":{\"code\":\"BU008\",\"label\":\"Security\"},\"Component\":\"Documentation\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"5.2.0;5.3\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {}, "published": "2018-06-16T21:31:49", "type": "ibm", "title": "Security Bulletin: A vulnerability in Libxml affects IBM Security Network Protection (CVE-2015-1819)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2018-06-16T21:31:49", "id": "ECAE9C428E6921780DCBD019FD8DB249F90FAE52B7CDFC11A8FDE3AB81842108", "href": "https://www.ibm.com/support/pages/node/270005", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-28T22:12:21", "description": "## Summary\n\nVulnerabilities in Open Source libxml2 that is used by IBM Security Identity Governance\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n## Affected Products and Versions\n\nIBM Security Identity Governance and Intelligence 5.2\n\n## Remediation/Fixes\n\nIBM Security Identity Governance and Intelligence\n\n| 5.2| None| [5.2.0.1-ISS-SIGI-IF0002](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.0.0&platform=Linux&function=all>) \n---|---|---|--- \n \n_For _IBM Security Identity Governance 5.1.0 , IBM Security Identity Governance 5.1.1, _IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSGHJR\",\"label\":\"IBM Security Identity Governance and Intelligence\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF004\",\"label\":\"Appliance\"}],\"Version\":\"5.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {}, "published": "2018-06-16T21:39:51", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Open Source libxml2 affect IBM Security Identity Governance Appliance (CVE-2015-1819 )", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2018-06-16T21:39:51", "id": "272A70EAB7832A1CA1419E5AF531A4920BA199872E0D365408A139F34D31075E", "href": "https://www.ibm.com/support/pages/node/542407", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-09-27T14:04:33", "description": "## Summary\n\nIBM SmartCloud Entry is vulnerable to several libxml2 vulnerabilities. Remote attackers can exploit them to consume all available memory resources.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM SmartCloud Entry 2.2.0 through 2.2.0.3 Appliance fix pack 3 \nIBM SmartCloud Entry 2.3.0 through 2.3.0.3 Appliance fix pack 3 \nIBM SmartCloud Entry 2.4.0 through 2.4.0.3 Appliance fix pack 3 \nIBM SmartCloud Entry 3.1.0 through 3.1.0.4 Appliance fix pack 17 \nIBM SmartCloud Entry 3.2.0 through 3.2.0.4 Appliance fix pack 17\n\n## Remediation/Fixes\n\nProduct\n\n| VRMF| APAR| Remediation/First Fix \n---|---|---|--- \nIBM SmartCloud Entry| 2.2| None| IBM SmarctCloud Entry 2.2.0 Appliance fix pack 4: \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&amp;product=ibm/Other+software/IBM+Starter+Kit+for+Cloud&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=2.2.0.4-IBM-SKC_APPL-FP004&amp;includeSupersedes=0](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+Starter+Kit+for+Cloud&release=All&platform=All&function=fixId&fixids=2.2.0.4-IBM-SKC_APPL-FP004&includeSupersedes=0>) \nIBM SmartCloud Entry| 2.3| None| IBM SmartCloud Entry 2.3.0 Appliance fix pack 4: \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&amp;product=ibm/Other+software/IBM+SmartCloud+Entry&amp;release=2.3.0.3&amp;platform=All&amp;function=fixId&amp;fixids=2.3.0.4-IBM-SCE_APPL-FP004&amp;includeSupersedes=0](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=2.3.0.3&platform=All&function=fixId&fixids=2.3.0.4-IBM-SCE_APPL-FP004&includeSupersedes=0>) \nIBM SmartCloud Entry| 2.4| None| IBM SmartCloud Entry 2.4.0 Appliance fix pack 4:[](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=2.4.0&platform=All&function=fixId&fixids=2.4.0.3-IBM-SCE_APPL-FP003&includeSupersedes=0>) \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&amp;product=ibm/Other+software/IBM+SmartCloud+Entry&amp;release=2.4.0.3&amp;platform=All&amp;function=fixId&amp;fixids=2.4.0.4-IBM-SCE_APPL-FP004&amp;includeSupersedes=0](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=2.4.0.3&platform=All&function=fixId&fixids=2.4.0.4-IBM-SCE_APPL-FP004&includeSupersedes=0>) \nIBM SmartCloud Entry| 3.1| None| IBM SmartCloud Entry 3.1.0 Appliance fix pack 18: \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&amp;product=ibm/Other+software/IBM+SmartCloud+Entry&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=3.1.0.4-IBM-SCE_APPL-FP18&amp;includeSupersedes=0](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=All&platform=All&function=fixId&fixids=3.1.0.4-IBM-SCE_APPL-FP18&includeSupersedes=0>) \nIBM SmartCloud Entry| 3.2| None| IBM SmartCloud Entry 3.2.0 Appliance fix pack 18:[](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=3.2.0.4&platform=All&function=fixId&fixids=3.2.0.4-IBM-SCE_APPL-FP15&includeSupersedes=0>) \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&amp;product=ibm/Other+software/IBM+SmartCloud+Entry&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=+3.2.0.4-IBM-SCE_APPL-FP18+&amp;includeSupersedes=0](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/IBM+SmartCloud+Entry&release=All&platform=All&function=fixId&fixids=+3.2.0.4-IBM-SCE_APPL-FP18+&includeSupersedes=0>) \n \n## Workarounds and Mitigations\n\nNone known\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n## Important Note\n\nIBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the [System z Security web site](<http://www.ibm.com/systems/z/solutions/security_subintegrity.html>). Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n[Subscribe to Security Bulletins](<http://www.ibm.com/support/mynotifications/>)\n\n## Acknowledgement\n\nNone\n\n## Change History\n\n23 March 2016: Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/bulletin/#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n[{\"Product\":{\"code\":\"SST55W\",\"label\":\"IBM Cloud Manager with OpenStack\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"2.3;2.4;3.1;3.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {}, "published": "2020-07-19T00:49:12", "type": "ibm", "title": "Security Bulletin: Libxml2 vulnerabilities affect IBM SmartCloud Entry (CVE-2015-1819)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2020-07-19T00:49:12", "id": "2EFA761D58F0D7141C702194752C3FC6082E24B56AF4D50FDDDCE3EADBD675E9", "href": "https://www.ibm.com/support/pages/node/682123", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-28T22:10:45", "description": "## Summary\n\nIBM Security Access Manager for Mobile is affected by a denial of service vulnerability in libxml2. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n## Affected Products and Versions\n\nIBM Security Access Manager for Mobile 8.0 appliances, all firmware versions \nIBM Security Access Manager 9.0 appliances, all firmware versions\n\n## Remediation/Fixes\n\nThe table below provides links to patches for all affected versions. Follow the installation instructions in the README file included with the patch. \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Security Access Manager for Mobile| 8.0 - 8.0.1.3| IV80972| 1\\. For 8.0-8.0.1.2 environments, upgrade to 8.0.1.3: \n[8.0.1-ISS-ISAM-FP0003](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Security+Access+Manager+for+Mobile&release=8.0&platform=Linux&function=all>) \n2\\. Apply 8.0.1.3 Interim Fix 4: \n[8.0.1.3-ISS-ISAM-IF0004 ](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Security+Access+Manager+for+Mobile&release=8.0.1.3&platform=Linux&function=all>) \nIBM Security Access Manager| 9.0| IV80971| 1\\. Upgrade to 9.0.0.1: \n[9.0.0-ISS-ISAM-FP0001](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=Linux&function=all>) \n2\\. Apply 9.0.0.1 Interim Fix 1: \n[_9.0.0.1-ISS-ISAM-IF0001_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=Linux&function=all>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\nFebruary 1, 2016: Original version published.\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSELE6\",\"label\":\"IBM Security Access Manager for Mobile\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"8.0;8.0.0.1;8.0.0.2;8.0.0.3;8.0.0.4;8.0.0.5;8.0.1;8.0.1.2;8.0.1.3;9.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {}, "published": "2018-06-16T21:39:39", "type": "ibm", "title": "Security Bulletin: A libxml vulnerability affects IBM Security Access Manager for Mobile (CVE-2015-1819)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2018-06-16T21:39:39", "id": "94ADF9C910A362467000D0DD8590BD5C24E2AED265E1E3B9AB7A109A4D0AF94F", "href": "https://www.ibm.com/support/pages/node/541373", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-28T22:15:17", "description": "## Summary\n\nIBM DataPower Gateways has addressed a vulnerability in parsing certain XML files that could cause a denial of service.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-1819_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819>)** \nDESCRIPTION:** Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error in the xmlreader when processing XML data. A remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107272_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107272>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n## Affected Products and Versions\n\nIBM DataPower Gateway appliances versions 7.2.0.0, 7.2.0.1 and 7.2.0.2\n\n## Remediation/Fixes\n\nFix is available in version 7.2.0.3. Refer to [APAR IT12605](<http://www-01.ibm.com/support/docview.wss?uid=swg1IT12605>) for URLs to download the fix. \n \nYou should verify applying this fix does not cause any compatibility issues. \n\n_For DataPower customers using versions 5.x and earlier versions, IBM recommends upgrading to a fixed, supported version/release/platform of the product. _\n\n## Workarounds and Mitigations\n\nNone.\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n5 February 2016: Original Version Published \n10 February 2016: Clarified wording for Affected Versions\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SS9H2Y\",\"label\":\"IBM DataPower Gateway\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud &amp; Data Platform\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"7.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2018-06-15T07:04:54", "type": "ibm", "title": "Security Bulletin: A vulnerability in XML processing affects IBM DataPower Gateways (CVE-2015-1819)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1819"], "modified": "2018-06-15T07:04:54", "id": "F5F7933E4670518D029E646B3B5F66B6C322058A1D1D30AD54B208AD8D95B0DE", "href": "https://www.ibm.com/support/pages/node/539887", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-30T21:44:48", "description": "## Problem\n\nCognos Analytics and Cognos Business Intelligence Security Bulletins and Alerts.\n\n## Resolving The Problem\n\n## Tab navigation\n\n * CA 11.0.x\n * BI 10.2.2\n * BI 10.2.1\n * BI 10.2\n\nSecurity bulletins and Alerts for Cognos Analytics 11.0.x. \n--- \n**Published / Updated** | **Title** \nJanuary 2018 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg22011561>) \nJanuary 2018 | [Cognos Analytics\u306eLibxml2\u8106\u5f31\u6027\u306b\u3064\u3044\u3066](<http://www.ibm.com/support/docview.wss?uid=swg22012361>) \nJanuary 2018 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg22011810>) \nSeptember 2017 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg22007242>) \nAugust 2017 | [Cognos Analytics \u306f\u30af\u30ed\u30b9\u30b5\u30a4\u30c8\u30b9\u30af\u30ea\u30d7\u30c6\u30a3\u30f3\u30b0(XSS)\u306e\u8106\u5f31\u6027\u306e\u5f71\u97ff\u3092\u53d7\u3051\u307e\u3059](<http://www.ibm.com/support/docview.wss?uid=swg22007549>) \nJuly 2017 | [Cognos Analytics is not affected by the Apache Xalan-Java vulnerability (CVE-2014-0107)](<http://www-01.ibm.com/support/docview.wss?uid=swg22005943>) \nJune 2017 | [Cognos Analytics is affected by a Cross-Site Scripting (XSS) vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg22004980>) \nMay 2017 | [Cognos Analytics is NOT AFFECTED by the OpenSource Bouncy Castle Vulnerability (CVE-2015-7940)](<http://www-01.ibm.com/support/docview.wss?uid=swg22003427>) \nMay 2017 | [Cognos Analytics is affected by CVE-2016-0398](<http://www-01.ibm.com/support/docview.wss?uid=swg21977070>) \nMay 2017 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg22000095>) \nApril 2017 | [Cross Site Scripting (XSS) vulnerability affects Cognos Analytics](<http://www-01.ibm.com/support/docview.wss?uid=swg21999791>) \nMarch 2017 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21998887>) \nMarch 2017 | [Privilege Escalation vulnerability affects Cognos Analytics (CVE-2016-8960)](<http://www-01.ibm.com/support/docview.wss?uid=swg21993720>) \nJanuary 2017 | [A vulnerability in the GSKit component of Cognos Analytics (CVE-2016-0201)](<http://www-01.ibm.com/support/docview.wss?uid=swg21975045>) \nJanuary 2017 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21996417>) \n \nSecurity bulletins and Alerts for Cognos Busines Intelligence 10.2.2. \n--- \n**Published / Updated**| **Title** \nJuly 2018| [IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=ibm10715641>) \nApril 2018| [Cognos Metrics Manager 2018 Q1 Security Update](<http://www.ibm.com/support/docview.wss?uid=swg22014720>) \nDecember 2017| [Multiple vulnerabilities in Libxml2 affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22011764>) \nDecember 2017| [Cognos Business Intelligence Server 2017Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22007952>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009441>) \nOctober 2017| [A vulnerability in the Apache Xerces-C XML Parser affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009438>) \nOctober 2017| [Cognos Business Intelligence Server 2017Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22009259>) \nOctober 2017| [A vulnerability in the libpng library affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004076>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004070>) \nJune 2017| [Cognos Business Intelligence Server 2017Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22004036>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004078>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004077>) \nMay 2017| [A vulnerability in the GSKit library affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004075>) \nMay 2017| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004074>) \nMay 2017| [Cognos Business Intelligence is NOT AFFECTED by the OpenSource Bouncy Castle Vulnerability (CVE-2015-7940)](<http://www.ibm.com/support/docview.wss?uid=swg22003426>) \nApril 2017| [Vulnerability in IBM WebSphere Application Server affects Cognos Metrics Manager (CVE-2015-2017)](<http://www.ibm.com/support/docview.wss?uid=swg21976798>) \nApril 2017| [Multiple vulnerabilities in Apache HttpComponents affect Cognos Metrics Manager (CVE-2012-6153, CVE-2014-3577)](<http://www.ibm.com/support/docview.wss?uid=swg21970193>) \nMarch 2017| [Multiple vulnerabilities in Apache Tomcat affect Cognos Metrics Manager (CVE-2016-0762, CVE-2016-6816)](<http://www.ibm.com/support/docview.wss?uid=swg21999723>) \nMarch 2017| [A vulnerability in IBM Websphere Application Server affects Cognos Metrics Manager (CVE-2016-5983)](<http://www.ibm.com/support/docview.wss?uid=swg21999722>) \nMarch 2017| [Cognos Business Intelligence Server 2017Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21999671>) \nMarch 2017| [Privilege Escalation vulnerability affects Cognos Business Intelligence (CVE-2016-8960)](<http://www.ibm.com/support/docview.wss?uid=swg21993718>) \nJanuary 2017| [Cognos Business Intelligence is affected by a vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21996809>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21995691>) \nJanuary 2017| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3485)](<http://www.ibm.com/support/docview.wss?uid=swg21995206>) \nJanuary 2017| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2016-3705, CVE-2016-4447, CVE-2016-4448)](<http://www.ibm.com/support/docview.wss?uid=swg21995198>) \nJanuary 2017| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-6306 CVE-2016-2181 CVE-2016-2183)](<http://www.ibm.com/support/docview.wss?uid=swg21993856>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21984323>) \nOctober 2016| [Cognos Business Intelligence Server 2016Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21979767>) \nJuly 2016| [A vulnerability in the Apache Xerces-C XML parser affects Cognos Metrics Manager (CVE-2016-0729)](<http://www.ibm.com/support/docview.wss?uid=swg21986259>) \nJuly 2016| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3427)](<http://www.ibm.com/support/docview.wss?uid=swg21985522>) \nJuly 2016| [A vulnerability in Apache Tomcat affects Cognos Metrics Manager (CVE-2015-5345)](<http://www.ibm.com/support/docview.wss?uid=swg21982821>) \nJuly 2016| [A vulnerability in OpenSSL affects Cognos Metrics Manager (CVE-2016-2106, CVE-2016-2107, CVE-2016-2108)](<http://www.ibm.com/support/docview.wss?uid=swg21977114>) \nMay 2016| [Cognos Business Intelligence Server is affected by CVE-2016-0398](<http://www.ibm.com/support/docview.wss?uid=swg21983247>) \nMay 2016| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317)](<http://www.ibm.com/support/docview.wss?uid=swg21977221>) \nMay 2016| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2016-0448, CVE-2016-0466)](<http://www.ibm.com/support/docview.wss?uid=swg21977134>) \nMarch 2016| [Multiple vulnerabilities in libpng affect Cognos Metrics Manager (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21976924>) \nFebruary 2016| [Several vulnerabilities in the libpng component of Cognos Business Intelligence Server (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21977053>) \nJanuary 2016| [A vulnerability in the GSKit component of Cognos Business Intelligence Server (CVE-2016-0201)](<http://www.ibm.com/support/docview.wss?uid=swg21975044>) \nJanuary 2016| [A vulnerability in the GSKit component of Cognos Metrics Manager (CVE-2016-0201)](<http://www.ibm.com/support/docview.wss?uid=swg21974810>) \nNovember 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-4872)](<http://www.ibm.com/support/docview.wss?uid=swg21971753>) \nNovember 2015| [Vulnerability in Apache Commons affects Cognos Metrics Manager (CVE-2015-7450)](<http://www.ibm.com/support/docview.wss?uid=swg21971382>) \nNovember 2015| [Cognos Business Intelligence Server 2015Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21959874>) \nAugust 2015| [Cognos Business Intelligence Sever 2015Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21963468>) \nAugust 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-2625, CVE-2015-4748, CVE-2015-4749)](<http://www.ibm.com/support/docview.wss?uid=swg21963263>) \nAugust 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0230)](<http://www.ibm.com/support/docview.wss?uid=swg21962903>) \nAugust 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-1789, CVE-2015-1790, CVE-2015-1792)](<http://www.ibm.com/support/docview.wss?uid=swg21962686>) \nAugust 2015| [Vulnerability in RC4 stream cipher affects Cognos Business Intelligence Server (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21715530>) \nJuly 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Mobile app on Android (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959481>) \nJuly 2015| [Cognos Business Intelligence Sever 2015Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21903752>) \nJuly 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0478, CVE-2015-0488, CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21903565>) \nJuly 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0227)](<http://www.ibm.com/support/docview.wss?uid=swg21903036>) \nJuly 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293)](<http://www.ibm.com/support/docview.wss?uid=swg21902528>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Metrics Manager (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959812>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Business Intelligence (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959671>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Business Intelligence (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21700709>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Metrics Manager (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21697317>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Mobile app on Android (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21883588>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Metrics Manager (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21720187>) \nApril 2015| [Vulnerability exists in GSKit that affects Cognos Metrics Manager (CVE-2015-0159)](<http://www.ibm.com/support/docview.wss?uid=swg21701318>) \nApril 2015| [Vulnerability in IBM WebSphere Application Server affects Cognos Metrics Manager (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701222>) \nApril 2015| [Vulnerabilities in IBM WebSphere Application Server and GSKit affects Cognos Business Intelligence (CVE-2015-0138, CVE-2015-0159)](<http://www.ibm.com/support/docview.wss?uid=swg21701210>) \nApril 2015| [Vulnerability in IBM Runtime Environment Java Technology Edition affects Cognos Business Intelligence Server (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701200>) \nApril 2015| [Vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701192>) \nMarch 2015| [Cognos Business Intelligence Server is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg21698818>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0410, CVE-2014-6593)](<http://www.ibm.com/support/docview.wss?uid=swg21698154>) \nMarch 2015| [Multiple vulnerabilities in the Libpng library affect Cognos Metrics Manager (CVE-2015-0973, CVE-2014-9495)](<http://www.ibm.com/support/docview.wss?uid=swg21697296>) \nMarch 2015| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204)](<http://www.ibm.com/support/docview.wss?uid=swg21695694>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2014-3566, CVE-2014-6457)](<http://www.ibm.com/support/docview.wss?uid=swg21691561>) \nFebruary 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2014-4263)](<http://www.ibm.com/support/docview.wss?uid=swg21688596>) \nJanuary 2015| [TLS padding vulnerability affects Cognos Business Intelligence (CVE-2014-8730)](<http://www.ibm.com/support/docview.wss?uid=swg21693422>) \nJanuary 2015| [TLS padding vulnerability affects Cognos Metrics Manager (CVE-2014-8730)](<http://www.ibm.com/support/docview.wss?uid=swg21693182>) \nDecember 2014| [Cognos Business Intelligence Server is affected by multiple vulnerabilities (CVE-2014-3566, CVE-2014-6145, CVE-2014-1568, CVE-2014-4263, CVE-2012-5784, CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21692267>) \nDecember 2014| [A vulnerability in the Mozilla Network Security Services (NSS) affects Cognos Metrics Manager (CVE-2014-1568)](<http://www.ibm.com/support/docview.wss?uid=swg21691656>) \nDecember 2014| [A vulnerability in Apache Axis affects Cognos Metrics Manager (CVE-2012-5784)](<http://www.ibm.com/support/docview.wss?uid=swg21691655>) \nDecember 2014| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3567, CVE-2014-3513, CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21689333>) \n \nSecurity bulletins and Alerts for Cognos Busines Intelligence 10.2.1. \n--- \n**Published / Updated**| **Title** \nApril 2018| [Cognos Metrics Manager 2018 Q1 Security Update](<http://www.ibm.com/support/docview.wss?uid=swg22014720>) \nDecember 2017| [Multiple vulnerabilities in Libxml2 affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22011764>) \nDecember 2017| [Cognos Business Intelligence Server 2017Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22007952>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009441>) \nOctober 2017| [A vulnerability in the Apache Xerces-C XML Parser affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009438>) \nOctober 2017| [Cognos Business Intelligence Server 2017Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22009259>) \nOctober 2017| [A vulnerability in the libpng library affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004076>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004070>) \nJune 2017| [Cognos Business Intelligence Server 2017Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22004036>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004078>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004077>) \nMay 2017| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004074>) \nMay 2017| [Cognos Business Intelligence is NOT AFFECTED by the OpenSource Bouncy Castle Vulnerability (CVE-2015-7940)](<http://www.ibm.com/support/docview.wss?uid=swg22003426>) \nApril 2017| [Multiple vulnerabilities in Apache HttpComponents affect Cognos Metrics Manager (CVE-2012-6153, CVE-2014-3577)](<http://www.ibm.com/support/docview.wss?uid=swg21970193>) \nMarch 2017| [Multiple vulnerabilities in Apache Tomcat affect Cognos Metrics Manager (CVE-2016-0762, CVE-2016-6816)](<http://www.ibm.com/support/docview.wss?uid=swg21999723>) \nMarch 2017| [Cognos Business Intelligence Server 2017Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21999671>) \nMarch 2017| [Privilege Escalation vulnerability affects Cognos Business Intelligence (CVE-2016-8960)](<http://www.ibm.com/support/docview.wss?uid=swg21993718>) \nJanuary 2017| [Cognos Business Intelligence is affected by a vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21996809>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21995691>) \nJanuary 2017| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3485)](<http://www.ibm.com/support/docview.wss?uid=swg21995206>) \nJanuary 2017| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2016-3705, CVE-2016-4447, CVE-2016-4448)](<http://www.ibm.com/support/docview.wss?uid=swg21995198>) \nJanuary 2017| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-6306 CVE-2016-2181 CVE-2016-2183)](<http://www.ibm.com/support/docview.wss?uid=swg21993856>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21984323>) \nOctober 2016| [Cognos Business Intelligence Server 2016Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21979767>) \nJuly 2016| [A vulnerability in the Apache Xerces-C XML parser affects Cognos Metrics Manager (CVE-2016-0729)](<http://www.ibm.com/support/docview.wss?uid=swg21986259>) \nJuly 2016| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3427)](<http://www.ibm.com/support/docview.wss?uid=swg21985522>) \nJuly 2016| [A vulnerability in Apache Tomcat affects Cognos Metrics Manager (CVE-2015-5345)](<http://www.ibm.com/support/docview.wss?uid=swg21982821>) \nJuly 2016| [A vulnerability in OpenSSL affects Cognos Metrics Manager (CVE-2016-2106, CVE-2016-2107, CVE-2016-2108)](<http://www.ibm.com/support/docview.wss?uid=swg21977114>) \nMay 2016| [Cognos Business Intelligence Server is affected by CVE-2016-0398](<http://www.ibm.com/support/docview.wss?uid=swg21983247>) \nMay 2016| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317)](<http://www.ibm.com/support/docview.wss?uid=swg21977221>) \nMay 2016| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2016-0448, CVE-2016-0466)](<http://www.ibm.com/support/docview.wss?uid=swg21977134>) \nMarch 2016| [Multiple vulnerabilities in libpng affect Cognos Metrics Manager (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21976924>) \nFebruary 2016| [Several vulnerabilities in the libpng component of Cognos Business Intelligence Server (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21977053>) \nNovember 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-4872)](<http://www.ibm.com/support/docview.wss?uid=swg21971753>) \nNovember 2015| [Vulnerability in Apache Commons affects Cognos Metrics Manager (CVE-2015-7450)](<http://www.ibm.com/support/docview.wss?uid=swg21971382>) \nNovember 2015| [Cognos Business Intelligence Server 2015Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21959874>) \nAugust 2015| [Cognos Business Intelligence Sever 2015Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21963468>) \nAugust 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-2625, CVE-2015-4748, CVE-2015-4749)](<http://www.ibm.com/support/docview.wss?uid=swg21963263>) \nAugust 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0230)](<http://www.ibm.com/support/docview.wss?uid=swg21962903>) \nAugust 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-1789, CVE-2015-1790, CVE-2015-1792)](<http://www.ibm.com/support/docview.wss?uid=swg21962686>) \nAugust 2015| [Vulnerability in RC4 stream cipher affects Cognos Business Intelligence Server (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21715530>) \nJuly 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Mobile app on Android (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959481>) \nJuly 2015| [Cognos Business Intelligence Sever 2015Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21903752>) \nJuly 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0478, CVE-2015-0488, CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21903565>) \nJuly 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0227)](<http://www.ibm.com/support/docview.wss?uid=swg21903036>) \nJuly 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293)](<http://www.ibm.com/support/docview.wss?uid=swg21902528>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Metrics Manager (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959812>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Business Intelligence (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959671>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Business Intelligence (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21700709>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Metrics Manager (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21697317>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Mobile app on Android (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21883588>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Metrics Manager (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21720187>) \nApril 2015| [Vulnerabilities in IBM WebSphere Application Server and GSKit affects Cognos Business Intelligence (CVE-2015-0138, CVE-2015-0159)](<http://www.ibm.com/support/docview.wss?uid=swg21701210>) \nApril 2015| [Vulnerability in IBM Runtime Environment Java Technology Edition affects Cognos Business Intelligence Server (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701200>) \nApril 2015| [Vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701192>) \nMarch 2015| [Cognos Business Intelligence Server is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg21698818>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0410, CVE-2014-6593)](<http://www.ibm.com/support/docview.wss?uid=swg21698154>) \nMarch 2015| [Multiple vulnerabilities in the Libpng library affect Cognos Metrics Manager (CVE-2015-0973, CVE-2014-9495)](<http://www.ibm.com/support/docview.wss?uid=swg21697296>) \nMarch 2015| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204)](<http://www.ibm.com/support/docview.wss?uid=swg21695694>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2014-3566, CVE-2014-6457)](<http://www.ibm.com/support/docview.wss?uid=swg21691561>) \nFebruary 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2014-4263)](<http://www.ibm.com/support/docview.wss?uid=swg21688596>) \nJanuary 2015| [TLS padding vulnerability affects Cognos Business Intelligence (CVE-2014-8730)](<http://www.ibm.com/support/docview.wss?uid=swg21693422>) \nDecember 2014| [Cognos Business Intelligence Server is affected by multiple vulnerabilities (CVE-2014-3566, CVE-2014-6145, CVE-2014-1568, CVE-2014-4263, CVE-2012-5784, CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21692267>) \nDecember 2014| [A vulnerability in the Mozilla Network Security Services (NSS) affects Cognos Metrics Manager (CVE-2014-1568)](<http://www.ibm.com/support/docview.wss?uid=swg21691656>) \nDecember 2014| [A vulnerability in Apache Axis affects Cognos Metrics Manager (CVE-2012-5784)](<http://www.ibm.com/support/docview.wss?uid=swg21691655>) \nDecember 2014| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3567, CVE-2014-3513, CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21689333>) \nNovember 2014| [Cognos BI Server is affected by the following vulnerabilities: CVE-2014-0107, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0878, CVE-2014-0460](<http://www.ibm.com/support/docview.wss?uid=swg21682740>) \nSeptember 2014| [Cognos Business Intelligence is not affected by the Bash vulnerabilities (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278)](<http://www.ibm.com/support/docview.wss?uid=swg21685556>) \nSeptember 2014| [Cognos Metrics Manager is affected by the following IBM Java Runtime vulnerabilities: CVE-2014-0878, CVE-2014-0460](<http://www.ibm.com/support/docview.wss?uid=swg21683527>) \nSeptember 2014| [Cognos Metrics Manager is affected by a vulnerability in Apache Xalan-Java (CVE-2014-0107)](<http://www.ibm.com/support/docview.wss?uid=swg21683524>) \nSeptember 2014| [Cognos Metrics Manager is affected by the following Tomcat vulnerabilities: CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119](<http://www.ibm.com/support/docview.wss?uid=swg21683430>) \nSeptember 2014| [OpenSSL Heartbleed Vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21669823>) \nAugust 2014| [Cognos Metrics Manager is affected by the following OpenSSL vulnerabilities: CVE-2014-0224](<http://www.ibm.com/support/docview.wss?uid=swg21677225>) \nJuly 2014| [Cognos BI Server is affected by the following OpenSSL vulnerability: CVE-2014-0224](<http://www.ibm.com/support/docview.wss?uid=swg21680511>) \nJuly 2014| [Security vulnerabilities have been identified in IBM DB2 shipped with Cognos Business Intelligence (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21674489>) \nJuly 2014| [A security vulnerability has been identified in IBM WebSphere Application Server shipped with Cognos Business Intelligence (CVE-2014-0114)](<http://www.ibm.com/support/docview.wss?uid=swg21674099>) \nMay 2014| [Multiple security exposures in Cognos BI Server (CVE-2014- 0416, CVE-2014-0423, CVE-2013-4322)](<http://www.ibm.com/support/docview.wss?uid=swg21671340>) \nMarch 2014| [Multiple security exposures in Cognos BI Server (CVE-2013-6954, CVE-2013-6732, CVE-2013-5802, CVE-2013-5825, CVE-2014-0854, CVE-2014-0861)](<http://www.ibm.com/support/docview.wss?uid=swg21662856>) \nNovember 2013| [Cognos Business Intelligence (CVE-2013-3030, CVE-2013-4002, CVE-2013-2407, CVE-2013-2450, CVE-2013-4034, CVE-2013-5372)](<http://www.ibm.com/support/docview.wss?uid=swg21652590>) \n \nSecurity bulletins and Alerts for Cognos Busines Intelligence 10.2. \n--- \n**Published / Updated**| **Title** \nApril 2018| [Cognos Metrics Manager 2018 Q1 Security Update](<http://www.ibm.com/support/docview.wss?uid=swg22014720>) \nDecember 2017| [Multiple vulnerabilities in Libxml2 affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22011764>) \nDecember 2017| [Cognos Business Intelligence Server 2017Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22007952>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009441>) \nOctober 2017| [A vulnerability in the Apache Xerces-C XML Parser affects Cognos Metrics Manager.](<http://www.ibm.com/support/docview.wss?uid=swg22009438>) \nOctober 2017| [Cognos Business Intelligence Server 2017Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22009259>) \nOctober 2017| [A vulnerability in the libpng library affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004076>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004070>) \nJune 2017| [Cognos Business Intelligence Server 2017Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22004036>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004078>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004077>) \nMay 2017| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004074>) \nMay 2017| [Cognos Business Intelligence is NOT AFFECTED by the OpenSource Bouncy Castle Vulnerability (CVE-2015-7940)](<http://www.ibm.com/support/docview.wss?uid=swg22003426>) \nApril 2017| [Multiple vulnerabilities in Apache HttpComponents affect Cognos Metrics Manager (CVE-2012-6153, CVE-2014-3577)](<http://www.ibm.com/support/docview.wss?uid=swg21970193>) \nMarch 2017| [Multiple vulnerabilities in Apache Tomcat affect Cognos Metrics Manager (CVE-2016-0762, CVE-2016-6816)](<http://www.ibm.com/support/docview.wss?uid=swg21999723>) \nMarch 2017| [Cognos Business Intelligence Server 2017Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21999671>) \nMarch 2017| [Privilege Escalation vulnerability affects Cognos Business Intelligence (CVE-2016-8960)](<http://www.ibm.com/support/docview.wss?uid=swg21993718>) \nJanuary 2017| [Cognos Business Intelligence is affected by a vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21996809>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21995691>) \nJanuary 2017| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3485)](<http://www.ibm.com/support/docview.wss?uid=swg21995206>) \nJanuary 2017| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2016-3705, CVE-2016-4447, CVE-2016-4448)](<http://www.ibm.com/support/docview.wss?uid=swg21995198>) \nJanuary 2017| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-6306 CVE-2016-2181 CVE-2016-2183)](<http://www.ibm.com/support/docview.wss?uid=swg21993856>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21984323>) \nOctober 2016| [Cognos Business Intelligence Server 2016Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21979767>) \nJuly 2016| [A vulnerability in the Apache Xerces-C XML parser affects Cognos Metrics Manager (CVE-2016-0729)](<http://www.ibm.com/support/docview.wss?uid=swg21986259>) \nJuly 2016| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3427)](<http://www.ibm.com/support/docview.wss?uid=swg21985522>) \nJuly 2016| [A vulnerability in Apache Tomcat affects Cognos Metrics Manager (CVE-2015-5345)](<http://www.ibm.com/support/docview.wss?uid=swg21982821>) \nJuly 2016| [A vulnerability in OpenSSL affects Cognos Metrics Manager (CVE-2016-2106, CVE-2016-2107, CVE-2016-2108)](<http://www.ibm.com/support/docview.wss?uid=swg21977114>) \nMay 2016| [Cognos Business Intelligence Server is affected by CVE-2016-0398](<http://www.ibm.com/support/docview.wss?uid=swg21983247>) \nMay 2016| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317)](<http://www.ibm.com/support/docview.wss?uid=swg21977221>) \nMay 2016| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2016-0448, CVE-2016-0466)](<http://www.ibm.com/support/docview.wss?uid=swg21977134>) \nMarch 2016| [Multiple vulnerabilities in libpng affect Cognos Metrics Manager (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21976924>) \nFebruary 2016| [Several vulnerabilities in the libpng component of Cognos Business Intelligence Server (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21977053>) \nNovember 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-4872)](<http://www.ibm.com/support/docview.wss?uid=swg21971753>) \nNovember 2015| [Vulnerability in Apache Commons affects Cognos Metrics Manager (CVE-2015-7450)](<http://www.ibm.com/support/docview.wss?uid=swg21971382>) \nNovember 2015| [Cognos Business Intelligence Server 2015Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21959874>) \nAugust 2015| [Cognos Business Intelligence Sever 2015Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21963468>) \nAugust 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-2625, CVE-2015-4748, CVE-2015-4749)](<http://www.ibm.com/support/docview.wss?uid=swg21963263>) \nAugust 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0230)](<http://www.ibm.com/support/docview.wss?uid=swg21962903>) \nAugust 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-1789, CVE-2015-1790, CVE-2015-1792)](<http://www.ibm.com/support/docview.wss?uid=swg21962686>) \nAugust 2015| [Vulnerability in RC4 stream cipher affects Cognos Business Intelligence Server (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21715530>) \nJuly 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Mobile app on Android (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959481>) \nJuly 2015| [Cognos Business Intelligence Sever 2015Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21903752>) \nJuly 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0478, CVE-2015-0488, CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21903565>) \nJuly 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0227)](<http://www.ibm.com/support/docview.wss?uid=swg21903036>) \nJuly 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293)](<http://www.ibm.com/support/docview.wss?uid=swg21902528>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Metrics Manager (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959812>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Business Intelligence (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959671>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Business Intelligence (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21700709>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Metrics Manager (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21697317>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Mobile app on Android (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21883588>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Metrics Manager (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21720187>) \nApril 2015| [Vulnerabilities in IBM WebSphere Application Server and GSKit affects Cognos Business Intelligence (CVE-2015-0138, CVE-2015-0159)](<http://www.ibm.com/support/docview.wss?uid=swg21701210>) \nApril 2015| [Vulnerability in IBM Runtime Environment Java Technology Edition affects Cognos Business Intelligence Server (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701200>) \nApril 2015| [Vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701192>) \nMarch 2015| [Cognos Business Intelligence Server is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg21698818>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0410, CVE-2014-6593)](<http://www.ibm.com/support/docview.wss?uid=swg21698154>) \nMarch 2015| [Multiple vulnerabilities in the Libpng library affect Cognos Metrics Manager (CVE-2015-0973, CVE-2014-9495)](<http://www.ibm.com/support/docview.wss?uid=swg21697296>) \nMarch 2015| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204)](<http://www.ibm.com/support/docview.wss?uid=swg21695694>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2014-3566, CVE-2014-6457)](<http://www.ibm.com/support/docview.wss?uid=swg21691561>) \nFebruary 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2014-4263)](<http://www.ibm.com/support/docview.wss?uid=swg21688596>) \nJanuary 2015| [TLS padding vulnerability affects Cognos Business Intelligence (CVE-2014-8730)](<http://www.ibm.com/support/docview.wss?uid=swg21693422>) \nDecember 2014| [Cognos Business Intelligence Server is affected by multiple vulnerabilities (CVE-2014-3566, CVE-2014-6145, CVE-2014-1568, CVE-2014-4263, CVE-2012-5784, CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21692267>) \nDecember 2014| [A vulnerability in the Mozilla Network Security Services (NSS) affects Cognos Metrics Manager (CVE-2014-1568)](<http://www.ibm.com/support/docview.wss?uid=swg21691656>) \nDecember 2014| [A vulnerability in Apache Axis affects Cognos Metrics Manager (CVE-2012-5784)](<http://www.ibm.com/support/docview.wss?uid=swg21691655>) \nDecember 2014| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3567, CVE-2014-3513, CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21689333>) \nDecember 2014| [Vulnerability in SSLv3 affects Cognos Metrics Manager (CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21687710>) \nNovember 2014| [Cognos BI Server is affected by the following vulnerabilities: CVE-2014-0107, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0878, CVE-2014-0460](<http://www.ibm.com/support/docview.wss?uid=swg21682740>) \nSeptember 2014| [Cognos Business Intelligence is not affected by the Bash vulnerabilities (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278)](<http://www.ibm.com/support/docview.wss?uid=swg21685556>) \nSeptember 2014| [Cognos Metrics Manager is affected by the following IBM Java Runtime vulnerabilities: CVE-2014-0878, CVE-2014-0460](<http://www.ibm.com/support/docview.wss?uid=swg21683527>) \nSeptember 2014| [Cognos Metrics Manager is affected by a vulnerability in Apache Xalan-Java (CVE-2014-0107)](<http://www.ibm.com/support/docview.wss?uid=swg21683524>) \nSeptember 2014| [Cognos Metrics Manager is affected by the following Tomcat vulnerabilities: CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119](<http://www.ibm.com/support/docview.wss?uid=swg21683430>) \nSeptember 2014| [OpenSSL Heartbleed Vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21669823>) \nAugust 2014| [Cognos Metrics Manager is affected by the following OpenSSL vulnerabilities: CVE-2014-0224](<http://www.ibm.com/support/docview.wss?uid=swg21677225>) \nJuly 2014| [Cognos BI Server is affected by the following OpenSSL vulnerability: CVE-2014-0224](<http://www.ibm.com/support/docview.wss?uid=swg21680511>) \nJuly 2014| [Security vulnerabilities have been identified in IBM DB2 shipped with Cognos Business Intelligence (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21674489>) \nJuly 2014| [A security vulnerability has been identified in IBM WebSphere Application Server shipped with Cognos Business Intelligence (CVE-2014-0114)](<http://www.ibm.com/support/docview.wss?uid=swg21674099>) \nMay 2014| [Multiple security exposures in Cognos BI Server (CVE-2014- 0416, CVE-2014-0423, CVE-2013-4322)](<http://www.ibm.com/support/docview.wss?uid=swg21671340>) \nMarch 2014| [Multiple security exposures in Cognos BI Server (CVE-2013-6954, CVE-2013-6732, CVE-2013-5802, CVE-2013-5825, CVE-2014-0854, CVE-2014-0861)](<http://www.ibm.com/support/docview.wss?uid=swg21662856>) \nNovember 2013| [Cognos Business Intelligence (CVE-2013-3030, CVE-2013-4002, CVE-2013-2407, CVE-2013-2450, CVE-2013-4034, CVE-2013-5372)](<http://www.ibm.com/support/docview.wss?uid=swg21652590>) \n \n\\-->\n\n[{\"Product\":{\"code\":\"SSTSF6\",\"label\":\"IBM Cognos Analytics\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud &amp; Data Platform\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"11.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}},{\"Product\":{\"code\":\"SSEP7J\",\"label\":\"Cognos Business Intelligence\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"\",\"label\":\"\"}],\"Version\":\"10.2;10.2.1;10.2.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-07-19T16:57:09", "type": "ibm", "title": "Security Bulletins - Cognos Analytics and Cognos Business Intelligence", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5784", "CVE-2012-6153", "CVE-2013-2407", "CVE-2013-2450", "CVE-2013-3030", "CVE-2013-4002", "CVE-2013-4034", "CVE-2013-4322", "CVE-2013-5372", "CVE-2013-5802", "CVE-2013-5825", "CVE-2013-6732", "CVE-2013-6747", "CVE-2013-6954", "CVE-2014-0075", "CVE-2014-0096", "CVE-2014-0099", "CVE-2014-0107", "CVE-2014-0114", "CVE-2014-0119", "CVE-2014-0224", "CVE-2014-0227", "CVE-2014-0230", "CVE-2014-0423", "CVE-2014-0460", "CVE-2014-0854", "CVE-2014-0861", "CVE-2014-0878", "CVE-2014-0963", "CVE-2014-1568", "CVE-2014-3513", "CVE-2014-3566", "CVE-2014-3567", "CVE-2014-3568", "CVE-2014-3569", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-3577", "CVE-2014-4263", "CVE-2014-6145", "CVE-2014-6271", "CVE-2014-6277", "CVE-2014-6278", "CVE-2014-6457", "CVE-2014-6593", "CVE-2014-7169", "CVE-2014-7186", "CVE-2014-7187", "CVE-2014-8275", "CVE-2014-8730", "CVE-2014-8917", "CVE-2014-9495", "CVE-2015-0138", "CVE-2015-0159", "CVE-2015-0204", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293", "CVE-2015-0410", "CVE-2015-0478", "CVE-2015-0488", "CVE-2015-0973", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1792", "CVE-2015-1819", "CVE-2015-2017", "CVE-2015-2625", "CVE-2015-2808", "CVE-2015-4000", "CVE-2015-4748", "CVE-2015-4749", "CVE-2015-4872", "CVE-2015-5312", "CVE-2015-5345", "CVE-2015-7450", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7940", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8126", "CVE-2015-8241", "CVE-2015-8317", "CVE-2015-8472", "CVE-2015-8540", "CVE-2016-0201", "CVE-2016-0398", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0729", "CVE-2016-0762", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2183", "CVE-2016-3427", "CVE-2016-3485", "CVE-2016-3705", "CVE-2016-4447", "CVE-2016-4448", "CVE-2016-5983", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6816", "CVE-2016-8960"], "modified": "2018-07-19T16:57:09", "id": "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "href": "https://www.ibm.com/support/pages/node/568041", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-28T22:07:08", "description": "## Question\n\nWhat Technotes exist for the IBM Security Network Protection / IBM QRadar Network Security (XGS) sensor?\n\n## Answer\n\nThe content below includes a list of all technical notes published under IBM Security Network Protection / IBM QRadar Network Security by category and sorted by popularity. Users can expand or collapse each section below using the + / - buttons. As new documentation is released, this content will be updated and new articles added. Click Expand All prior to starting a CTRL-F search. \n\n## IBM QRadar Network Security, IBM Security Network Protection\n\nExpand All\n\n\\+ \\--\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[7047980](<http://www.ibm.com/support/docview.wss?uid=swg27047980>) | [May 2018 Newsletter from Infrastructure Security Support ](<http://www.ibm.com/support/docview.wss?uid=swg27047980>) | 2018-05-24 | 1 \n[1998843](<http://www.ibm.com/support/docview.wss?uid=swg21998843>) | [IBM QRadar Network Security firmware update 5.4.0 release notes](<http://www.ibm.com/support/docview.wss?uid=swg21998843>) | 2017-05-08 | 2 \n[2010305](<http://www.ibm.com/support/docview.wss?uid=swg22010305>) | [Security Bulletin: IBM Security Network Protection is affected by vulnerabilities in OpenSSH (CVE-2016-6210 CVE-2016-6515 CVE-2016-10009 CVE-2016-10011)](<http://www.ibm.com/support/docview.wss?uid=swg22010305>) | 2018-02-15 | 3 \n[1902736](<http://www.ibm.com/support/docview.wss?uid=swg21902736>) | [System requirements for IBM QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21902736>) | 2017-04-14 | 4 \n[2003331](<http://www.ibm.com/support/docview.wss?uid=swg22003331>) | [5.3.3.2-ISS-XGS-All-Models-Hotfix-IF0007](<http://www.ibm.com/support/docview.wss?uid=swg22003331>) | 2017-05-15 | 5 \n[2008340](<http://www.ibm.com/support/docview.wss?uid=swg22008340>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in openssh (CVE-2016-10009 CVE-2016-10011 CVE-2016-10012 CVE-2016-6210 CVE-2016-6515)](<http://www.ibm.com/support/docview.wss?uid=swg22008340>) | 2018-02-15 | 6 \n[2008339](<http://www.ibm.com/support/docview.wss?uid=swg22008339>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in tcpdump](<http://www.ibm.com/support/docview.wss?uid=swg22008339>) | 2018-02-15 | 7 \n[2008854](<http://www.ibm.com/support/docview.wss?uid=swg22008854>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel](<http://www.ibm.com/support/docview.wss?uid=swg22008854>) | 2018-02-15 | 8 \n[2008853](<http://www.ibm.com/support/docview.wss?uid=swg22008853>) | [Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in glibc](<http://www.ibm.com/support/docview.wss?uid=swg22008853>) | 2018-02-15 | 9 \n[2009835](<http://www.ibm.com/support/docview.wss?uid=swg22009835>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerability in subversion (CVE-2017-9800)](<http://www.ibm.com/support/docview.wss?uid=swg22009835>) | 2018-02-15 | 10 \n[2007316](<http://www.ibm.com/support/docview.wss?uid=swg22007316>) | [5.4.0.1-ISS-XGS-All-Models-Hotfix-IF0004](<http://www.ibm.com/support/docview.wss?uid=swg22007316>) | 2017-08-24 | 11 \n[2001911](<http://www.ibm.com/support/docview.wss?uid=swg22001911>) | [Unable to upgrade IBM QRadar Network Security firmware version 5.3.x to 5.4.x from the inserted USB flash drive.](<http://www.ibm.com/support/docview.wss?uid=swg22001911>) | 2017-12-11 | 12 \n[2007535](<http://www.ibm.com/support/docview.wss?uid=swg22007535>) | [Security Bulletin: IBM QRadar Network Security is affected by a less-secure algorithm during negotiations vulnerability (CVE-2017-1491)](<http://www.ibm.com/support/docview.wss?uid=swg22007535>) | 2018-02-15 | 13 \n[1996987](<http://www.ibm.com/support/docview.wss?uid=swg21996987>) | [IBM QRadar Network Security 5.4 Web Services API ](<http://www.ibm.com/support/docview.wss?uid=swg21996987>) | 2017-04-18 | 14 \n[2007918](<http://www.ibm.com/support/docview.wss?uid=swg22007918>) | [Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg22007918>) | 2018-02-15 | 15 \n[1988573](<http://www.ibm.com/support/docview.wss?uid=swg21988573>) | [IBM QRadar Network Security (XGS) Web Services API](<http://www.ibm.com/support/docview.wss?uid=swg21988573>) | 2017-04-14 | 16 \n[2007554](<http://www.ibm.com/support/docview.wss?uid=swg22007554>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in bash (CVE-2016-9401, CVE-2016-7543, CVE-2016-0634)](<http://www.ibm.com/support/docview.wss?uid=swg22007554>) | 2018-02-15 | 17 \n[1995440](<http://www.ibm.com/support/docview.wss?uid=swg21995440>) | [Security Bulletin: A vulnerability in Expat XML parser affects IBM Security Network Protection (CVE-2016-0718) ](<http://www.ibm.com/support/docview.wss?uid=swg21995440>) | 2018-02-15 | 18 \n[7049539](<http://www.ibm.com/support/docview.wss?uid=swg27049539>) | [Open Mic replay: What is new in the latest XGS firmware updates - 29 March 2017 (Includes link to video; presentation is attached)](<http://www.ibm.com/support/docview.wss?uid=swg27049539>) | 2017-04-15 | 19 \n[2007557](<http://www.ibm.com/support/docview.wss?uid=swg22007557>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in libtasn1 (CVE-2015-3622, CVE-2015-2806)](<http://www.ibm.com/support/docview.wss?uid=swg22007557>) | 2018-02-15 | 20 \n[2003343](<http://www.ibm.com/support/docview.wss?uid=swg22003343>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22003343>) | 2018-02-15 | 21 \n[2007551](<http://www.ibm.com/support/docview.wss?uid=swg22007551>) | [Security Bulletin: IBM QRadar Network Security is affected by potential issues of XML External Entity Injection (CVE-2017-1458)](<http://www.ibm.com/support/docview.wss?uid=swg22007551>) | 2018-02-15 | 22 \n[2004744](<http://www.ibm.com/support/docview.wss?uid=swg22004744>) | [Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities in Linux Kernel](<http://www.ibm.com/support/docview.wss?uid=swg22004744>) | 2018-02-15 | 23 \n[2007315](<http://www.ibm.com/support/docview.wss?uid=swg22007315>) | [5.4.0.1-ISS-XGS-All-Models-Hotfix-IF0003 ](<http://www.ibm.com/support/docview.wss?uid=swg22007315>) | 2017-08-24 | 24 \n[2007550](<http://www.ibm.com/support/docview.wss?uid=swg22007550>) | [Security Bulletin: IBM QRadar Network Security is affected by potential issues of Cross-Site Scripting (CVE-2017-1457)](<http://www.ibm.com/support/docview.wss?uid=swg22007550>) | 2018-02-15 | 25 \n[2007539](<http://www.ibm.com/support/docview.wss?uid=swg22007539>) | [Security Bulletin: IBM QRadar Network Security has updated commons-fileupload for known vulnerabilities (CVE-2016-3092)](<http://www.ibm.com/support/docview.wss?uid=swg22007539>) | 2018-02-15 | 26 \n[2007553](<http://www.ibm.com/support/docview.wss?uid=swg22007553>) | [Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in Curl (CVE-2016-7167)](<http://www.ibm.com/support/docview.wss?uid=swg22007553>) | 2018-02-15 | 27 \n[1987978](<http://www.ibm.com/support/docview.wss?uid=swg21987978>) | [Security Bulletin: Vulnerabilities in OpenSSH affect IBM Security Network Protection (CVE-2015-5352, CVE-2015-6563, and CVE-2015-6564) ](<http://www.ibm.com/support/docview.wss?uid=swg21987978>) | 2018-02-15 | 28 \n[2005764](<http://www.ibm.com/support/docview.wss?uid=swg22005764>) | [Security Bulletin: IBM Security Network Protection is affected by a vulnerability in glibc](<http://www.ibm.com/support/docview.wss?uid=swg22005764>) | 2018-02-15 | 29 \n[1979372](<http://www.ibm.com/support/docview.wss?uid=swg21979372>) | [Security Bulletin: A vulnerability in libssh2 affects IBM Security Network Protection (CVE-2016-0787) ](<http://www.ibm.com/support/docview.wss?uid=swg21979372>) | 2018-02-15 | 30 \n[1996290](<http://www.ibm.com/support/docview.wss?uid=swg21996290>) | [5.3.3-ISS-XGS-All-Models-Hotfix-IF0007](<http://www.ibm.com/support/docview.wss?uid=swg21996290>) | 2017-04-14 | 31 \n[2007552](<http://www.ibm.com/support/docview.wss?uid=swg22007552>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel](<http://www.ibm.com/support/docview.wss?uid=swg22007552>) | 2018-02-15 | 32 \n[1988243](<http://www.ibm.com/support/docview.wss?uid=swg21988243>) | [5.3.2.3-ISS-XGS-All-Models-Hotfix-IF0007](<http://www.ibm.com/support/docview.wss?uid=swg21988243>) | 2017-04-14 | 33 \n[1993670](<http://www.ibm.com/support/docview.wss?uid=swg21993670>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection (CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554, and CVE-2016-5542)](<http://www.ibm.com/support/docview.wss?uid=swg21993670>) | 2018-02-15 | 34 \n[1996808](<http://www.ibm.com/support/docview.wss?uid=swg21996808>) | [5.3.1.11-ISS-XGS-All-Models-Hotfix-IF0002](<http://www.ibm.com/support/docview.wss?uid=swg21996808>) | 2017-04-14 | 35 \n[2001802](<http://www.ibm.com/support/docview.wss?uid=swg22001802>) | [5.3.3.2-ISS-XGS-All-Models-Hotfix-IF0005](<http://www.ibm.com/support/docview.wss?uid=swg22001802>) | 2017-04-18 | 36 \n[1980157](<http://www.ibm.com/support/docview.wss?uid=swg21980157>) | [Security Bulletin: Vulnerabilities in Kerberos (krb5) affect IBM Security Network Protection (CVE-2015-8629, and CVE-2015-8631) ](<http://www.ibm.com/support/docview.wss?uid=swg21980157>) | 2018-02-15 | 37 \n[1991724](<http://www.ibm.com/support/docview.wss?uid=swg21991724>) | [Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection ](<http://www.ibm.com/support/docview.wss?uid=swg21991724>) | 2018-02-15 | 38 \n[1999248](<http://www.ibm.com/support/docview.wss?uid=swg21999248>) | [Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Protection (CVE-2015-8325)](<http://www.ibm.com/support/docview.wss?uid=swg21999248>) | 2018-02-15 | 39 \n[2003045](<http://www.ibm.com/support/docview.wss?uid=swg22003045>) | [Security Bulletin: IBM Security Network Protection is affected by Vulnerabilities in GNU Bash](<http://www.ibm.com/support/docview.wss?uid=swg22003045>) | 2018-02-15 | 40 \n[2003046](<http://www.ibm.com/support/docview.wss?uid=swg22003046>) | [Security Bulletin: IBM Security Network Protection is affected by a vulnerability in coreutils (util-linux)](<http://www.ibm.com/support/docview.wss?uid=swg22003046>) | 2018-02-15 | 41 \n[2003341](<http://www.ibm.com/support/docview.wss?uid=swg22003341>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection ](<http://www.ibm.com/support/docview.wss?uid=swg22003341>) | 2018-02-15 | 42 \n[7049549](<http://www.ibm.com/support/docview.wss?uid=swg27049549>) | [IBM Infrastructure Security Support February 2017 Newsletter ](<http://www.ibm.com/support/docview.wss?uid=swg27049549>) | 2017-04-15 | 43 \n[2005379](<http://www.ibm.com/support/docview.wss?uid=swg22005379>) | [Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in glibc (CVE-2017-1000366)](<http://www.ibm.com/support/docview.wss?uid=swg22005379>) | 2018-02-15 | 44 \n[7050074](<http://www.ibm.com/support/docview.wss?uid=swg27050074>) | [IBM Infrastructure Security Support June 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050074>) | 2017-07-17 | 45 \n[1961717](<http://www.ibm.com/support/docview.wss?uid=swg21961717>) | [Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Security Network Protection (CVE-2015-4000) ](<http://www.ibm.com/support/docview.wss?uid=swg21961717>) | 2018-02-15 | 46 \n[1992187](<http://www.ibm.com/support/docview.wss?uid=swg21992187>) | [IBM QRadar Network Security XGS 5200/7100 fails to start](<http://www.ibm.com/support/docview.wss?uid=swg21992187>) | 2017-05-16 | 47 \n[7050656](<http://www.ibm.com/support/docview.wss?uid=swg27050656>) | [IBM Infrastructure Security Support November 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050656>) | 2017-12-18 | 48 \n[1984583](<http://www.ibm.com/support/docview.wss?uid=swg21984583>) | [Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21984583>) | 2018-02-15 | 49 \n[2000992](<http://www.ibm.com/support/docview.wss?uid=swg22000992>) | [Blocking tunneled packets in IBM QRadar Network Security XGS appliance](<http://www.ibm.com/support/docview.wss?uid=swg22000992>) | 2017-07-16 | 50 \n[2001907](<http://www.ibm.com/support/docview.wss?uid=swg22001907>) | [Security Bulletin: Vulnerabilities in GNU C library (glibc) affect IBM Security Network Protection ](<http://www.ibm.com/support/docview.wss?uid=swg22001907>) | 2018-02-15 | 51 \n[2003633](<http://www.ibm.com/support/docview.wss?uid=swg22003633>) | [Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in coreutils (util-linux)](<http://www.ibm.com/support/docview.wss?uid=swg22003633>) | 2018-02-15 | 52 \n[7049861](<http://www.ibm.com/support/docview.wss?uid=swg27049861>) | [IBM Infrastructure Security Support April 2017 Newsletter ](<http://www.ibm.com/support/docview.wss?uid=swg27049861>) | 2017-05-20 | 53 \n[7050269](<http://www.ibm.com/support/docview.wss?uid=swg27050269>) | [IBM Infrastructure Security Support August 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050269>) | 2017-09-18 | 54 \n[1961447](<http://www.ibm.com/support/docview.wss?uid=swg21961447>) | [Security Bulletin: Multiple vulnerabilities in IBM Java affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21961447>) | 2018-02-15 | 55 \n[1985122](<http://www.ibm.com/support/docview.wss?uid=swg21985122>) | [Security Bulletin: Multiple vulnerabilities in NTP affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21985122>) | 2018-02-15 | 56 \n[1985753](<http://www.ibm.com/support/docview.wss?uid=swg21985753>) | [Security Bulletin: Multiple vulnerabilities in file affect IBM Security Network Protection ](<http://www.ibm.com/support/docview.wss?uid=swg21985753>) | 2018-02-15 | 57 \n[1990083](<http://www.ibm.com/support/docview.wss?uid=swg21990083>) | [Security Bulletin: Vulnerabilities in busybox affect IBM Security Network Protection (CVE-2014-4607, and CVE-2014-9645 ) ](<http://www.ibm.com/support/docview.wss?uid=swg21990083>) | 2018-02-15 | 58 \n[1994071](<http://www.ibm.com/support/docview.wss?uid=swg21994071>) | [Security Bulletin: A vulnerability in GnuPG libgcrypt affects IBM Security Network Protection (CVE-2016-6313) ](<http://www.ibm.com/support/docview.wss?uid=swg21994071>) | 2018-02-15 | 59 \n[1997604](<http://www.ibm.com/support/docview.wss?uid=swg21997604>) | [Network interface module population changes on the XGS appliance are not reflected on the managing SiteProtector System](<http://www.ibm.com/support/docview.wss?uid=swg21997604>) | 2017-04-18 | 60 \n[1999246](<http://www.ibm.com/support/docview.wss?uid=swg21999246>) | [Security Bulletin: Multiple vulnerabilities in NTP affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21999246>) | 2018-02-15 | 61 \n[2001184](<http://www.ibm.com/support/docview.wss?uid=swg22001184>) | [Pressing and holding the power button does not shut down the IBM QRadar Network Security XGS 5200 appliance](<http://www.ibm.com/support/docview.wss?uid=swg22001184>) | 2017-06-19 | 62 \n[2002507](<http://www.ibm.com/support/docview.wss?uid=swg22002507>) | [Security Bulletin: A vulnerability has been discovered in 40-GbE network interface modules for the IBM Security Network Protection XGS 7100 appliance (CVE-2016-8106)](<http://www.ibm.com/support/docview.wss?uid=swg22002507>) | 2018-02-15 | 63 \n[7039297](<http://www.ibm.com/support/docview.wss?uid=swg27039297>) | [Network Protection documentation update: Setting up SSL inspection for the Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg27039297>) | 2017-08-09 | 64 \n[7049965](<http://www.ibm.com/support/docview.wss?uid=swg27049965>) | [IBM Infrastructure Security Support May 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27049965>) | 2017-06-27 | 65 \n[7050550](<http://www.ibm.com/support/docview.wss?uid=swg27050550>) | [IBM Infrastructure Security Support October 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050550>) | 2018-05-24 | 66 \n[1903520](<http://www.ibm.com/support/docview.wss?uid=swg21903520>) | [Microsoft Update fails when Outbound SSL inspection is enabled](<http://www.ibm.com/support/docview.wss?uid=swg21903520>) | 2018-05-01 | 67 \n[1961467](<http://www.ibm.com/support/docview.wss?uid=swg21961467>) | [Security Bulletin: Vulnerabilities in GNU glibc affect IBM Security Network Protection (CVE-2013-7423, and CVE-2015-1781) ](<http://www.ibm.com/support/docview.wss?uid=swg21961467>) | 2018-02-15 | 68 \n[1964040](<http://www.ibm.com/support/docview.wss?uid=swg21964040>) | [Known Issues for IBM Security Network Protection firmware update 5.3.1.3](<http://www.ibm.com/support/docview.wss?uid=swg21964040>) | 2017-07-17 | 69 \n[1984424](<http://www.ibm.com/support/docview.wss?uid=swg21984424>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21984424>) | 2018-02-15 | 70 \n[1986974](<http://www.ibm.com/support/docview.wss?uid=swg21986974>) | [Security Bulletin: Multiple vulnerabilities in libxml2 affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21986974>) | 2018-02-15 | 71 \n[1989336](<http://www.ibm.com/support/docview.wss?uid=swg21989336>) | [Security Bulletin: Multiple Denial of Service vulnerabilities with Expat might affect IBM HTTP Server used with IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21989336>) | 2018-02-15 | 72 \n[1995885](<http://www.ibm.com/support/docview.wss?uid=swg21995885>) | [5.3.1.11-XGS-All-Models-Hotfix-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21995885>) | 2017-04-14 | 73 \n[1999162](<http://www.ibm.com/support/docview.wss?uid=swg21999162>) | [Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Network Protection (CVE-2016-8610, and CVE-2017-3731)](<http://www.ibm.com/support/docview.wss?uid=swg21999162>) | 2018-02-15 | 74 \n[1999513](<http://www.ibm.com/support/docview.wss?uid=swg21999513>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21999513>) | 2018-02-15 | 75 \n[2002624](<http://www.ibm.com/support/docview.wss?uid=swg22002624>) | [Security Bulletin: A vulnerability has been discovered in 40-GbE network interface modules for the IBM QRadar Network Security XGS 7100 appliance (CVE-2016-8106)](<http://www.ibm.com/support/docview.wss?uid=swg22002624>) | 2018-02-15 | 76 \n[2011746](<http://www.ibm.com/support/docview.wss?uid=swg22011746>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel](<http://www.ibm.com/support/docview.wss?uid=swg22011746>) | 2018-05-01 | 77 \n[2011787](<http://www.ibm.com/support/docview.wss?uid=swg22011787>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg22011787>) | 2018-05-01 | 78 \n[2016549](<http://www.ibm.com/support/docview.wss?uid=swg22016549>) | [Security Bulletin: IBM Security Network Protection is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg22016549>) | 2018-06-03 | 79 \n[7049238](<http://www.ibm.com/support/docview.wss?uid=swg27049238>) | [IBM Infrastructure Security Support November 2016 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27049238>) | 2017-10-17 | 80 \n[7049645](<http://www.ibm.com/support/docview.wss?uid=swg27049645>) | [IBM Infrastructure Security Support March 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27049645>) | 2018-05-24 | 81 \n[7050420](<http://www.ibm.com/support/docview.wss?uid=swg27050420>) | [IBM Infrastructure Security Support September 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050420>) | 2018-01-15 | 82 \n[7050716](<http://www.ibm.com/support/docview.wss?uid=swg27050716>) | [IBM Infrastructure Security Support December 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050716>) | 2018-05-24 | 83 \n[7050809](<http://www.ibm.com/support/docview.wss?uid=swg27050809>) | [IBM Infrastructure Security Support January 2018 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050809>) | 2018-05-24 | 84 \n[7050900](<http://www.ibm.com/support/docview.wss?uid=swg27050900>) | [February 2018 Newsletter from Infrastructure Security Support ](<http://www.ibm.com/support/docview.wss?uid=swg27050900>) | 2018-05-24 | 85 \n[7050972](<http://www.ibm.com/support/docview.wss?uid=swg27050972>) | [March 2018 Newsletter from Infrastructure Security Support ](<http://www.ibm.com/support/docview.wss?uid=swg27050972>) | 2018-05-24 | 86 \n[7051105](<http://www.ibm.com/support/docview.wss?uid=swg27051105>) | [April 2018 Newsletter from Infrastructure Security Support ](<http://www.ibm.com/support/docview.wss?uid=swg27051105>) | 2018-05-25 | 87 \n \n\\+ Backups and Recovery\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1669579](<http://www.ibm.com/support/docview.wss?uid=swg21669579>) | [Creating snapshots and options on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21669579>) | 2018-05-01 | 1 \n[1974662](<http://www.ibm.com/support/docview.wss?uid=swg21974662>) | [Restoring a QRadar Network Security sensor to factory defaults settings](<http://www.ibm.com/support/docview.wss?uid=swg21974662>) | 2017-08-06 | 2 \n[1695898](<http://www.ibm.com/support/docview.wss?uid=swg21695898>) | [Reimaging the Security Network Protection (XGS) appliance using the PXE image](<http://www.ibm.com/support/docview.wss?uid=swg21695898>) | 2017-04-14 | 3 \n[1437385](<http://www.ibm.com/support/docview.wss?uid=swg21437385>) | [Accessing a recovery CD or DVD for a Proventia or IBM Security appliance](<http://www.ibm.com/support/docview.wss?uid=swg21437385>) | 2018-05-01 | 4 \n \n\\+ Bypass\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1882622](<http://www.ibm.com/support/docview.wss?uid=swg21882622>) | [Security Network Protection built-in bypass general information](<http://www.ibm.com/support/docview.wss?uid=swg21882622>) | 2018-05-01 | 1 \n[1695421](<http://www.ibm.com/support/docview.wss?uid=swg21695421>) | [Protection interfaces on Network Protection flapping in firmware 5.3.0.2 and earlier](<http://www.ibm.com/support/docview.wss?uid=swg21695421>) | 2018-01-29 | 2 \n[1988927](<http://www.ibm.com/support/docview.wss?uid=swg21988927>) | [Hardware bypass can cause port channel to go down on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21988927>) | 2017-09-26 | 3 \n \n\\+ Command Line Interface (CLI)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1984900](<http://www.ibm.com/support/docview.wss?uid=swg21984900>) | [Security Network Protection Command Line Interface (CLI) troubleshooting commands](<http://www.ibm.com/support/docview.wss?uid=swg21984900>) | 2018-05-01 | 1 \n[1883213](<http://www.ibm.com/support/docview.wss?uid=swg21883213>) | [Capturing network traffic on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21883213>) | 2017-10-30 | 2 \n[1903461](<http://www.ibm.com/support/docview.wss?uid=swg21903461>) | [Affected processes when restarting services from the CLI on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21903461>) | 2017-08-28 | 3 \n[7045931](<http://www.ibm.com/support/docview.wss?uid=swg27045931>) | [Open Mic Webcast: Making use of logs and captures on the XGS - Wednesday, 24 June 2015 [includes link to recording; presentation slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27045931>) | 2018-05-23 | 4 \n[1990297](<http://www.ibm.com/support/docview.wss?uid=swg21990297>) | [DPI reenabled after manually disabling it on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21990297>) | 2017-11-06 | 5 \n[1966577](<http://www.ibm.com/support/docview.wss?uid=swg21966577>) | [\"Command failure\" when checking interface status on Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21966577>) | 2017-04-14 | 6 \n[1970266](<http://www.ibm.com/support/docview.wss?uid=swg21970266>) | [System shutdown produces irq 16 error on XGS 7100 sensors](<http://www.ibm.com/support/docview.wss?uid=swg21970266>) | 2017-04-14 | 7 \n \n\\+ Documentation\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1974231](<http://www.ibm.com/support/docview.wss?uid=swg21974231>) | [Security Bulletin: CBC mode ciphers, weak MD5 and MAC algorithms vulnerabilities in OpenSSH affect IBM Security Network Protection (CVE-2008-5161) ](<http://www.ibm.com/support/docview.wss?uid=swg21974231>) | 2018-02-15 | 1 \n[1986450](<http://www.ibm.com/support/docview.wss?uid=swg21986450>) | [IBM Security Network Protection firmware update 5.3.3 release notes ](<http://www.ibm.com/support/docview.wss?uid=swg21986450>) | 2018-05-28 | 2 \n[1996724](<http://www.ibm.com/support/docview.wss?uid=swg21996724>) | [IBM Security Network Protection firmware update 5.3.3.2 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21996724>) | 2017-04-14 | 3 \n[1993418](<http://www.ibm.com/support/docview.wss?uid=swg21993418>) | [Stacking IBM Security Network Protection XGS Appliance 7100 ](<http://www.ibm.com/support/docview.wss?uid=swg21993418>) | 2017-07-12 | 4 \n[1984078](<http://www.ibm.com/support/docview.wss?uid=swg21984078>) | [IBM Security Network Protection firmware update 5.3.2.3 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21984078>) | 2017-05-10 | 5 \n[1687204](<http://www.ibm.com/support/docview.wss?uid=swg21687204>) | [IBM Security Network Protection 5.3 Web Services API](<http://www.ibm.com/support/docview.wss?uid=swg21687204>) | 2017-10-16 | 6 \n[1993057](<http://www.ibm.com/support/docview.wss?uid=swg21993057>) | [IBM Security Network Protection firmware update 5.3.3.1 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21993057>) | 2017-04-14 | 7 \n[1986529](<http://www.ibm.com/support/docview.wss?uid=swg21986529>) | [IBM Security Network Protection XGS Appliance Machine Code Updates for the firmware update 5.3.3.](<http://www.ibm.com/support/docview.wss?uid=swg21986529>) | 2018-05-27 | 8 \n[1968171](<http://www.ibm.com/support/docview.wss?uid=swg21968171>) | [IBM Security Network Protection firmware update 5.3.2 release notes](<http://www.ibm.com/support/docview.wss?uid=swg21968171>) | 2017-04-14 | 9 \n[1997036](<http://www.ibm.com/support/docview.wss?uid=swg21997036>) | [Optimizing packet processing for an IBM Security Network Protection XGS 7100 appliance with network interface module (NIM) bays partially populated](<http://www.ibm.com/support/docview.wss?uid=swg21997036>) | 2017-04-14 | 10 \n[1902372](<http://www.ibm.com/support/docview.wss?uid=swg21902372>) | [Using the Infrastructure Security support forum in dW Answers](<http://www.ibm.com/support/docview.wss?uid=swg21902372>) | 2018-05-01 | 11 \n[1996693](<http://www.ibm.com/support/docview.wss?uid=swg21996693>) | [Blocking HTTPS websites using domain category objects on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21996693>) | 2018-05-23 | 12 \n[1996771](<http://www.ibm.com/support/docview.wss?uid=swg21996771>) | [IBM Security Network Protection firmware update 5.3.2.6 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21996771>) | 2017-04-14 | 13 \n[1988993](<http://www.ibm.com/support/docview.wss?uid=swg21988993>) | [IBM Security Network Protection firmware update 5.3.2.4 Readme ](<http://www.ibm.com/support/docview.wss?uid=swg21988993>) | 2017-04-14 | 14 \n[1993417](<http://www.ibm.com/support/docview.wss?uid=swg21993417>) | [Configuring IBM Security Network Protection 5.3.3.1 to use flow data collector mode](<http://www.ibm.com/support/docview.wss?uid=swg21993417>) | 2017-04-14 | 15 \n[1694966](<http://www.ibm.com/support/docview.wss?uid=swg21694966>) | [IBM Security Network Protection 5.3.1 Web Services API](<http://www.ibm.com/support/docview.wss?uid=swg21694966>) | 2017-06-27 | 16 \n[1968449](<http://www.ibm.com/support/docview.wss?uid=swg21968449>) | [IBM Security Network Protection firmware update 5.3.1.5 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21968449>) | 2017-04-14 | 17 \n[1978185](<http://www.ibm.com/support/docview.wss?uid=swg21978185>) | [IBM Security Network Protection firmware update 5.3.2.2 Readme ](<http://www.ibm.com/support/docview.wss?uid=swg21978185>) | 2017-04-14 | 18 \n[1974242](<http://www.ibm.com/support/docview.wss?uid=swg21974242>) | [Security Bulletin: A vulnerability in the GSKit component of IBM Security Network Protection Why (CVE-2016-0201)](<http://www.ibm.com/support/docview.wss?uid=swg21974242>) | 2017-04-14 | 19 \n[1993327](<http://www.ibm.com/support/docview.wss?uid=swg21993327>) | [IBM Security Network Protection firmware update 5.3.2.5 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21993327>) | 2017-04-14 | 20 \n[1971777](<http://www.ibm.com/support/docview.wss?uid=swg21971777>) | [Automated Service and Support on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21971777>) | 2017-04-14 | 21 \n[1986088](<http://www.ibm.com/support/docview.wss?uid=swg21986088>) | [Configuring Address objects for the Management Access Policy on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21986088>) | 2017-08-24 | 22 \n[1997651](<http://www.ibm.com/support/docview.wss?uid=swg21997651>) | [Configuring Remote Syslog over TLS for IBM Security Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21997651>) | 2018-01-08 | 23 \n[1688361](<http://www.ibm.com/support/docview.wss?uid=swg21688361>) | [Understanding the term User Overridden in regard to security event configurations on GX and XGS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21688361>) | 2018-05-01 | 24 \n[1971601](<http://www.ibm.com/support/docview.wss?uid=swg21971601>) | [IBM Security Network Protection firmware update 5.3.1.6 Readme ](<http://www.ibm.com/support/docview.wss?uid=swg21971601>) | 2017-10-17 | 25 \n[1974524](<http://www.ibm.com/support/docview.wss?uid=swg21974524>) | [IBM Security Network Protection firmware update 5.3.1.7 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21974524>) | 2017-04-14 | 26 \n[1975225](<http://www.ibm.com/support/docview.wss?uid=swg21975225>) | [Security Bulletin: Multiple vulnerabilities in Libxml2 affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21975225>) | 2017-04-14 | 27 \n[1989026](<http://www.ibm.com/support/docview.wss?uid=swg21989026>) | [IBM Security Network Protection firmware update 5.3.1.10 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21989026>) | 2017-04-14 | 28 \n[2003106](<http://www.ibm.com/support/docview.wss?uid=swg22003106>) | [Reduce link propagation duration on IBM QRadar Network Security (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg22003106>) | 2017-09-13 | 29 \n[1683071](<http://www.ibm.com/support/docview.wss?uid=swg21683071>) | [Security Network Protection Appliance (XGS) stuck in debug mode](<http://www.ibm.com/support/docview.wss?uid=swg21683071>) | 2018-05-01 | 30 \n[1977808](<http://www.ibm.com/support/docview.wss?uid=swg21977808>) | [IBM Security Network Protection 5.3.3 Web Services API](<http://www.ibm.com/support/docview.wss?uid=swg21977808>) | 2018-05-01 | 31 \n[1990337](<http://www.ibm.com/support/docview.wss?uid=swg21990337>) | [Using RESTful API to modify policies on the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21990337>) | 2017-04-14 | 32 \n[1993329](<http://www.ibm.com/support/docview.wss?uid=swg21993329>) | [IBM Security Network Protection firmware update 5.3.1.11 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21993329>) | 2017-04-14 | 33 \n[1966695](<http://www.ibm.com/support/docview.wss?uid=swg21966695>) | [Security Bulletin: A vulnerability in net-snmp affects IBM Security Network Protection (CVE-2015-5621) ](<http://www.ibm.com/support/docview.wss?uid=swg21966695>) | 2017-04-14 | 34 \n[1966972](<http://www.ibm.com/support/docview.wss?uid=swg21966972>) | [Security Bulletin: Vulnerabilities in curl affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21966972>) | 2017-04-14 | 35 \n[1977281](<http://www.ibm.com/support/docview.wss?uid=swg21977281>) | [Security Bulletin: GNU C library (glibc) vulnerability affects IBM Security Network Protection (CVE-2015-7547)](<http://www.ibm.com/support/docview.wss?uid=swg21977281>) | 2017-04-14 | 36 \n[1692722](<http://www.ibm.com/support/docview.wss?uid=swg21692722>) | [Requirement for managing the IBM Security Network Protection appliance in a NAT environment using the IBM Security SiteProtector system](<http://www.ibm.com/support/docview.wss?uid=swg21692722>) | 2017-04-14 | 37 \n[1996773](<http://www.ibm.com/support/docview.wss?uid=swg21996773>) | [IBM Security Network Protection firmware update 5.3.1.12 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21996773>) | 2017-04-14 | 38 \n[2004898](<http://www.ibm.com/support/docview.wss?uid=swg22004898>) | [SNMP interface name association on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22004898>) | 2017-10-02 | 39 \n[1965877](<http://www.ibm.com/support/docview.wss?uid=swg21965877>) | [Security Bulletin: A vulnerability in net-snmp affects IBM Security Network Protection (CVE-2014-3565) ](<http://www.ibm.com/support/docview.wss?uid=swg21965877>) | 2017-04-14 | 40 \n[1967057](<http://www.ibm.com/support/docview.wss?uid=swg21967057>) | [Security Bulletin: Vulnerabilities in IBM HTTP Server affect IBM Security Network Protection (CVE-2015-3183, and CVE-2015-1283)](<http://www.ibm.com/support/docview.wss?uid=swg21967057>) | 2017-04-14 | 41 \n[1978181](<http://www.ibm.com/support/docview.wss?uid=swg21978181>) | [IBM Security Network Protection firmware update 5.3.1.8 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21978181>) | 2017-04-14 | 42 \n[1978438](<http://www.ibm.com/support/docview.wss?uid=swg21978438>) | [Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21978438>) | 2017-04-14 | 43 \n[1662537](<http://www.ibm.com/support/docview.wss?uid=swg21662537>) | [Fingerprint USB flash drives are unable to reimage an XGS appliance](<http://www.ibm.com/support/docview.wss?uid=swg21662537>) | 2017-04-14 | 44 \n[1665106](<http://www.ibm.com/support/docview.wss?uid=swg21665106>) | [5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0002 ](<http://www.ibm.com/support/docview.wss?uid=swg21665106>) | 2017-04-14 | 45 \n[1964539](<http://www.ibm.com/support/docview.wss?uid=swg21964539>) | [Security Bulletin: Vulnerabilities in libuser affect IBM Security Network Protection (CVE-2015-3245, CVE-2015-3246) ](<http://www.ibm.com/support/docview.wss?uid=swg21964539>) | 2017-04-14 | 46 \n[1966578](<http://www.ibm.com/support/docview.wss?uid=swg21966578>) | [Security Bulletin: Vulnerabilities in NTP affect IBM Security Network Protection (CVE-2015-1798, CVE-2015-1799, and CVE-2015-3405) ](<http://www.ibm.com/support/docview.wss?uid=swg21966578>) | 2017-04-14 | 47 \n[1967169](<http://www.ibm.com/support/docview.wss?uid=swg21967169>) | [Security Bulletin: A vulnerability in GNU glibc affects IBM Security Network Protection (CVE-2014-8121) ](<http://www.ibm.com/support/docview.wss?uid=swg21967169>) | 2017-04-14 | 48 \n[1969664](<http://www.ibm.com/support/docview.wss?uid=swg21969664>) | [Security Bulletin: A vulnerability in Libxml affects IBM Security Network Protection (CVE-2015-1819) ](<http://www.ibm.com/support/docview.wss?uid=swg21969664>) | 2017-04-14 | 49 \n[1972209](<http://www.ibm.com/support/docview.wss?uid=swg21972209>) | [Security Bulletin: Vulnerabilities in GNU grep utility affect IBM Security Network Protection (CVE-2012-5667, and CVE-2015-1345) ](<http://www.ibm.com/support/docview.wss?uid=swg21972209>) | 2017-04-14 | 50 \n[1972382](<http://www.ibm.com/support/docview.wss?uid=swg21972382>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21972382>) | 2017-04-14 | 51 \n[1974423](<http://www.ibm.com/support/docview.wss?uid=swg21974423>) | [5.3.1.6-ISS-XGS-All-Models-Hotfix-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21974423>) | 2017-12-11 | 52 \n[1974550](<http://www.ibm.com/support/docview.wss?uid=swg21974550>) | [Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Network Protection (CVE-2015-3194, CVE-2015-3195, and CVE-2015-3196) ](<http://www.ibm.com/support/docview.wss?uid=swg21974550>) | 2017-04-14 | 53 \n[1974989](<http://www.ibm.com/support/docview.wss?uid=swg21974989>) | [Security Bulletin: A vulnerability in SQLite affects IBM Security Network Protection (CVE-2015-3416) ](<http://www.ibm.com/support/docview.wss?uid=swg21974989>) | 2017-04-14 | 54 \n[1975835](<http://www.ibm.com/support/docview.wss?uid=swg21975835>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21975835>) | 2017-04-14 | 55 \n[1979393](<http://www.ibm.com/support/docview.wss?uid=swg21979393>) | [Security Bulletin: Vulnerabilities in NTP affect IBM Security Network Protection (CVE-2015-5300, CVE-2015-7704, and CVE-2015-8138)](<http://www.ibm.com/support/docview.wss?uid=swg21979393>) | 2017-04-14 | 56 \n[1984069](<http://www.ibm.com/support/docview.wss?uid=swg21984069>) | [IBM Security Network Protection firmware update 5.3.1.9 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21984069>) | 2017-05-09 | 57 \n[1993419](<http://www.ibm.com/support/docview.wss?uid=swg21993419>) | [Configuring logon session limit for IBM Security Network Protection 5.3.3.1](<http://www.ibm.com/support/docview.wss?uid=swg21993419>) | 2017-04-14 | 58 \n \n\\+ Firmware\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1688434](<http://www.ibm.com/support/docview.wss?uid=swg21688434>) | [Generating a support file on the IBM Security Network Protection appliance (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21688434>) | 2017-04-14 | 1 \n[1883739](<http://www.ibm.com/support/docview.wss?uid=swg21883739>) | [SNMP OID list for IBM Security Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21883739>) | 2018-05-01 | 2 \n[1685000](<http://www.ibm.com/support/docview.wss?uid=swg21685000>) | [IBM Security Network Protection (XGS) appliance reimage instructions using the USB device](<http://www.ibm.com/support/docview.wss?uid=swg21685000>) | 2017-04-14 | 3 \n[2010780](<http://www.ibm.com/support/docview.wss?uid=swg22010780>) | [IBM QRadar Network Security firmware update 5.4.0.3 readme](<http://www.ibm.com/support/docview.wss?uid=swg22010780>) | 2017-12-13 | 4 \n[2007210](<http://www.ibm.com/support/docview.wss?uid=swg22007210>) | [IBM QRadar Network Security firmware update 5.4.0.2 readme](<http://www.ibm.com/support/docview.wss?uid=swg22007210>) | 2017-12-05 | 5 \n[1959896](<http://www.ibm.com/support/docview.wss?uid=swg21959896>) | [Migrate policies before running Security Network Protection firmware updates](<http://www.ibm.com/support/docview.wss?uid=swg21959896>) | 2018-01-29 | 6 \n[2002664](<http://www.ibm.com/support/docview.wss?uid=swg22002664>) | [IBM QRadar Network Security firmware update 5.4.0.1 readme](<http://www.ibm.com/support/docview.wss?uid=swg22002664>) | 2017-12-05 | 7 \n[2010783](<http://www.ibm.com/support/docview.wss?uid=swg22010783>) | [IBM Security Network Protection firmware update 5.3.3.5 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22010783>) | 2017-12-13 | 8 \n[2002662](<http://www.ibm.com/support/docview.wss?uid=swg22002662>) | [IBM Security Network Protection firmware update 5.3.3.3 Readme ](<http://www.ibm.com/support/docview.wss?uid=swg22002662>) | 2017-06-19 | 9 \n[2007211](<http://www.ibm.com/support/docview.wss?uid=swg22007211>) | [IBM Security Network Protection firmware update 5.3.3.4 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22007211>) | 2017-09-28 | 10 \n[1681609](<http://www.ibm.com/support/docview.wss?uid=swg21681609>) | [Mapping SiteProtector IBM QRadar Network Security IQNS (XGS) policy names to local appliance XML files](<http://www.ibm.com/support/docview.wss?uid=swg21681609>) | 2018-05-01 | 11 \n[2010784](<http://www.ibm.com/support/docview.wss?uid=swg22010784>) | [IBM Security Network Protection firmware update 5.3.1.15 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22010784>) | 2017-12-13 | 12 \n[1691157](<http://www.ibm.com/support/docview.wss?uid=swg21691157>) | [Security Network protection (XGS) Shared Object policies that are replaced after upgrade DBSP 3.1.1.2 and 3.1.1.3](<http://www.ibm.com/support/docview.wss?uid=swg21691157>) | 2018-05-01 | 13 \n[1964460](<http://www.ibm.com/support/docview.wss?uid=swg21964460>) | [IBM Security Network Protection Firmware Version 5.3.1.3 Release Notes](<http://www.ibm.com/support/docview.wss?uid=swg21964460>) | 2017-08-24 | 14 \n[1961419](<http://www.ibm.com/support/docview.wss?uid=swg21961419>) | [IBM Security Network Protection Firmware Version 5.3.1.2 Release Notes](<http://www.ibm.com/support/docview.wss?uid=swg21961419>) | 2017-10-16 | 15 \n[1990406](<http://www.ibm.com/support/docview.wss?uid=swg21990406>) | [Upgrade to IBM Security Network Protection (XGS) Firmware version 5.3.3 fails and causes the appliance un-configured.](<http://www.ibm.com/support/docview.wss?uid=swg21990406>) | 2017-04-14 | 16 \n[2007212](<http://www.ibm.com/support/docview.wss?uid=swg22007212>) | [IBM Security Network Protection firmware update 5.3.1.14 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22007212>) | 2017-09-28 | 17 \n[1902801](<http://www.ibm.com/support/docview.wss?uid=swg21902801>) | [IBM Infrastructure Security versioning information](<http://www.ibm.com/support/docview.wss?uid=swg21902801>) | 2017-08-24 | 18 \n[1961660](<http://www.ibm.com/support/docview.wss?uid=swg21961660>) | [Security Bulletin: Vulnerabilities in unzip affect IBM Security Network Protection (CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, and CVE-2014-9636 ) ](<http://www.ibm.com/support/docview.wss?uid=swg21961660>) | 2018-02-15 | 19 \n[7047165](<http://www.ibm.com/support/docview.wss?uid=swg27047165>) | [Open Mic Webcast: What is new in the XGS v5.3.2 firmware release? - 9 December 2015 [includes link to replay] [presentation is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27047165>) | 2017-04-15 | 20 \n[1691283](<http://www.ibm.com/support/docview.wss?uid=swg21691283>) | [Missing SiteProtector Management page after updating to 5.3 firmware](<http://www.ibm.com/support/docview.wss?uid=swg21691283>) | 2018-05-01 | 21 \n[1961670](<http://www.ibm.com/support/docview.wss?uid=swg21961670>) | [Security Bulletin: Vulnerabilities in Kerberos (krb5) affect IBM Security Network Protection (CVE-2014-5352, CVE-2014-5353, CVE-2014-5355, CVE-2014-9421, and CVE-2014-9422) ](<http://www.ibm.com/support/docview.wss?uid=swg21961670>) | 2018-02-15 | 22 \n[7048510](<http://www.ibm.com/support/docview.wss?uid=swg27048510>) | [Open Mic Webcast: About the XGS 5.3.3 firmware release - 25 August 2016 [includes link to replay] [presentation is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27048510>) | 2017-04-15 | 23 \n[1957677](<http://www.ibm.com/support/docview.wss?uid=swg21957677>) | [Upgrading multiple firmware versions at one time on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21957677>) | 2017-08-09 | 24 \n[1959774](<http://www.ibm.com/support/docview.wss?uid=swg21959774>) | [IBM Security Network Protection Firmware Version 5.3.1.1 Release Notes](<http://www.ibm.com/support/docview.wss?uid=swg21959774>) | 2018-05-01 | 25 \n[1961454](<http://www.ibm.com/support/docview.wss?uid=swg21961454>) | [Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21961454>) | 2018-02-15 | 26 \n[1965761](<http://www.ibm.com/support/docview.wss?uid=swg21965761>) | [Network Protection Firmware Version 5.3.1.4 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21965761>) | 2017-08-24 | 27 \n[1989974](<http://www.ibm.com/support/docview.wss?uid=swg21989974>) | [Unconfigured state after upgrading from 5.2 or 5.3.0.x to 5.3.3 on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21989974>) | 2017-10-02 | 28 \n[2002663](<http://www.ibm.com/support/docview.wss?uid=swg22002663>) | [IBM Security Network Protection firmware update 5.3.1.13 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22002663>) | 2017-06-19 | 29 \n[2014163](<http://www.ibm.com/support/docview.wss?uid=swg22014163>) | [IBM Security Network Protection firmware update 5.3.1.16 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22014163>) | 2018-05-01 | 30 \n[2014164](<http://www.ibm.com/support/docview.wss?uid=swg22014164>) | [IBM Security Network Protection firmware update 5.3.3.6 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22014164>) | 2018-05-01 | 31 \n[2014165](<http://www.ibm.com/support/docview.wss?uid=swg22014165>) | [IBM QRadar Network Security firmware update 5.4.0.4 readme](<http://www.ibm.com/support/docview.wss?uid=swg22014165>) | 2018-05-01 | 32 \n[2015856](<http://www.ibm.com/support/docview.wss?uid=swg22015856>) | [End of support (EOS) announcement: IBM Security Network Protection (XGS) firmware versions 5.3.1 and 5.3.3](<http://www.ibm.com/support/docview.wss?uid=swg22015856>) | 2018-05-13 | 33 \n \n\\+ Fix Packs\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1696498](<http://www.ibm.com/support/docview.wss?uid=swg21696498>) | [5.3.0.4-ISS-XGS-All-Models-Hotfix-FP0001](<http://www.ibm.com/support/docview.wss?uid=swg21696498>) | 2017-04-14 | 1 \n \n\\+ General Information\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1644709](<http://www.ibm.com/support/docview.wss?uid=swg21644709>) | [IBM Security Network Protection XGS Appliance Support Lifecycle](<http://www.ibm.com/support/docview.wss?uid=swg21644709>) | 2018-05-15 | 1 \n[1993939](<http://www.ibm.com/support/docview.wss?uid=swg21993939>) | [IBM Qradar Network Security (IQNS) is Unhealthy in SiteProtector, with health check message: \"Management Certificate Authorities Status\"](<http://www.ibm.com/support/docview.wss?uid=swg21993939>) | 2018-05-01 | 2 \n[1994106](<http://www.ibm.com/support/docview.wss?uid=swg21994106>) | [Error: \"BUG: soft lockup - CPU#1 stuck for 67s!\" on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21994106>) | 2018-05-23 | 3 \n[1662575](<http://www.ibm.com/support/docview.wss?uid=swg21662575>) | [Configuring the IBM Security Network Protection (XGS) remote syslog to send events to QRadar SIEM](<http://www.ibm.com/support/docview.wss?uid=swg21662575>) | 2017-04-14 | 4 \n[1970829](<http://www.ibm.com/support/docview.wss?uid=swg21970829>) | [Call home server IP addresses for automated Service and Support requests](<http://www.ibm.com/support/docview.wss?uid=swg21970829>) | 2017-10-06 | 5 \n[7050516](<http://www.ibm.com/support/docview.wss?uid=swg27050516>) | [Open Mic Webcast: Frequently asked How-to questions for XGS - Thursday, 7 December 2017 (Includes link to replay; presentation is attached)](<http://www.ibm.com/support/docview.wss?uid=swg27050516>) | 2017-12-14 | 6 \n[1683796](<http://www.ibm.com/support/docview.wss?uid=swg21683796>) | [Configuring the management IP on the QRadar Network Security (XGS) appliance via serial console](<http://www.ibm.com/support/docview.wss?uid=swg21683796>) | 2018-05-01 | 7 \n[1639239](<http://www.ibm.com/support/docview.wss?uid=swg21639239>) | [ISS.mib file download](<http://www.ibm.com/support/docview.wss?uid=swg21639239>) | 2017-08-24 | 8 \n[1980543](<http://www.ibm.com/support/docview.wss?uid=swg21980543>) | [Checking the health of Security Network Protection and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21980543>) | 2018-05-29 | 9 \n[1969670](<http://www.ibm.com/support/docview.wss?uid=swg21969670>) | [Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Protection (CVE-2015-5600) ](<http://www.ibm.com/support/docview.wss?uid=swg21969670>) | 2017-04-14 | 10 \n[1608008](<http://www.ibm.com/support/docview.wss?uid=swg21608008>) | [IBM Security Network Protection XGS 5000 Appliance Support Lifecycle](<http://www.ibm.com/support/docview.wss?uid=swg21608008>) | 2018-05-01 | 11 \n[1983893](<http://www.ibm.com/support/docview.wss?uid=swg21983893>) | [XFF header configuration on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21983893>) | 2018-06-01 | 12 \n[1690064](<http://www.ibm.com/support/docview.wss?uid=swg21690064>) | [The Security Network Protection appliance Certificate Authority expires soon](<http://www.ibm.com/support/docview.wss?uid=swg21690064>) | 2018-05-01 | 13 \n[1687475](<http://www.ibm.com/support/docview.wss?uid=swg21687475>) | [Some XGS events are being allowed after setting the Block response](<http://www.ibm.com/support/docview.wss?uid=swg21687475>) | 2017-09-04 | 14 \n[1972163](<http://www.ibm.com/support/docview.wss?uid=swg21972163>) | [Security Network Protection (XGS) is in Offline status but events are seen in the SiteProtector Console](<http://www.ibm.com/support/docview.wss?uid=swg21972163>) | 2017-04-14 | 15 \n[1715537](<http://www.ibm.com/support/docview.wss?uid=swg21715537>) | [Known issues for IBM Security Network Protection version 5.3.1](<http://www.ibm.com/support/docview.wss?uid=swg21715537>) | 2018-05-04 | 16 \n[1667625](<http://www.ibm.com/support/docview.wss?uid=swg21667625>) | [Packet flow through the Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21667625>) | 2018-05-01 | 17 \n[1973893](<http://www.ibm.com/support/docview.wss?uid=swg21973893>) | [Resolving \"certificate is invalid\" errors between SiteProtector and Security Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21973893>) | 2017-04-14 | 18 \n[1981483](<http://www.ibm.com/support/docview.wss?uid=swg21981483>) | [Resetting admin account credentials on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21981483>) | 2017-08-02 | 19 \n[1972077](<http://www.ibm.com/support/docview.wss?uid=swg21972077>) | [Registering a Security Network Protection appliance to SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21972077>) | 2017-04-14 | 20 \n[1980541](<http://www.ibm.com/support/docview.wss?uid=swg21980541>) | [Create alerts based on specific Security Network Protection (XGS) system alerts](<http://www.ibm.com/support/docview.wss?uid=swg21980541>) | 2017-04-14 | 21 \n[1981030](<http://www.ibm.com/support/docview.wss?uid=swg21981030>) | [OpenSignature setup and rule creation for IBM Security Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21981030>) | 2017-04-14 | 22 \n[2001013](<http://www.ibm.com/support/docview.wss?uid=swg22001013>) | [How to verify if FIPS mode is enabled on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22001013>) | 2018-05-01 | 23 \n[1983883](<http://www.ibm.com/support/docview.wss?uid=swg21983883>) | [Changing the hostname and agent name of a Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21983883>) | 2017-08-09 | 24 \n[7046863](<http://www.ibm.com/support/docview.wss?uid=swg27046863>) | [Open Mic Webcast: XGS High Availability and Bypass - 28 October 2015 [presentation is attached; includes link to replay]](<http://www.ibm.com/support/docview.wss?uid=swg27046863>) | 2017-04-15 | 25 \n[1968313](<http://www.ibm.com/support/docview.wss?uid=swg21968313>) | [Unable to open or edit Security Network Protection (XGS) policies from SiteProtector Console.](<http://www.ibm.com/support/docview.wss?uid=swg21968313>) | 2017-09-04 | 26 \n[7046480](<http://www.ibm.com/support/docview.wss?uid=swg27046480>) | [Open Mic Webcast: Configuring OpenSignature (SNORT) on XGS - 23 September 2015 [presentation slides are attached; includes link to replay]](<http://www.ibm.com/support/docview.wss?uid=swg27046480>) | 2017-04-15 | 27 \n[1695933](<http://www.ibm.com/support/docview.wss?uid=swg21695933>) | [Determining the hostname, MAC, and IP address of a QRadar Network Security appliance from a support file](<http://www.ibm.com/support/docview.wss?uid=swg21695933>) | 2018-05-23 | 28 \n[1982555](<http://www.ibm.com/support/docview.wss?uid=swg21982555>) | [Network Time Policy (NTP) cannot be modified](<http://www.ibm.com/support/docview.wss?uid=swg21982555>) | 2018-05-01 | 29 \n[1995795](<http://www.ibm.com/support/docview.wss?uid=swg21995795>) | [Replacing the self-signed certificate on Security Network Protection appliances](<http://www.ibm.com/support/docview.wss?uid=swg21995795>) | 2018-03-05 | 30 \n[1974447](<http://www.ibm.com/support/docview.wss?uid=swg21974447>) | [Exporting a previous policy version for QRadar Network Security in SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21974447>) | 2018-02-25 | 31 \n[1981482](<http://www.ibm.com/support/docview.wss?uid=swg21981482>) | [Hardening the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21981482>) | 2018-05-21 | 32 \n[2008040](<http://www.ibm.com/support/docview.wss?uid=swg22008040>) | [Support for defanged IP addresses and URLs on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22008040>) | 2017-09-13 | 33 \n[2003988](<http://www.ibm.com/support/docview.wss?uid=swg22003988>) | [Troubleshooting and tuning the Malware Analysis feature in QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22003988>) | 2018-05-28 | 34 \n[2011003](<http://www.ibm.com/support/docview.wss?uid=swg22011003>) | [Verifying that NTP is working on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22011003>) | 2018-05-01 | 35 \n[1984940](<http://www.ibm.com/support/docview.wss?uid=swg21984940>) | [The number of concurrent sessions of IBM Security Network Protection differs from that on the data sheet.](<http://www.ibm.com/support/docview.wss?uid=swg21984940>) | 2017-05-24 | 36 \n[2010544](<http://www.ibm.com/support/docview.wss?uid=swg22010544>) | [Error: \"anyAddress: required field is null\" when saving a Host Address object for QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22010544>) | 2017-12-13 | 37 \n[1970499](<http://www.ibm.com/support/docview.wss?uid=swg21970499>) | [QRadar Network Security is Unhealthy in SiteProtector due to disconnected monitoring interfaces](<http://www.ibm.com/support/docview.wss?uid=swg21970499>) | 2017-09-26 | 38 \n[1977762](<http://www.ibm.com/support/docview.wss?uid=swg21977762>) | [Inspecting IPv6 traffic that uses the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21977762>) | 2018-05-01 | 39 \n[2002825](<http://www.ibm.com/support/docview.wss?uid=swg22002825>) | [Troubleshooting email responses not working on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22002825>) | 2018-05-01 | 40 \n[7049119](<http://www.ibm.com/support/docview.wss?uid=swg27049119>) | [Open Mic Webcast: XGS version 5.3.3.1 - Wednesday, December 14, 2016 (Includes link to replay and corrected slide deck)](<http://www.ibm.com/support/docview.wss?uid=swg27049119>) | 2017-04-15 | 41 \n[1959895](<http://www.ibm.com/support/docview.wss?uid=swg21959895>) | [Locating CVE-related bulletins for your Infrastructure Security product](<http://www.ibm.com/support/docview.wss?uid=swg21959895>) | 2017-08-24 | 42 \n[1994079](<http://www.ibm.com/support/docview.wss?uid=swg21994079>) | [ISNP/IQNS (XGS) Open Mic Presentation Index ](<http://www.ibm.com/support/docview.wss?uid=swg21994079>) | 2017-06-05 | 43 \n[7048201](<http://www.ibm.com/support/docview.wss?uid=swg27048201>) | [Open Mic Webcast: A new vulnerability has been discovered - How do I protect my network using IBM Network Security Protection? Thursday, 30 June 2016 [Includes link to replay. Presentation is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27048201>) | 2017-04-15 | 44 \n[1688889](<http://www.ibm.com/support/docview.wss?uid=swg21688889>) | [XGS reports an event matching a non-existent rule in the Network Access Policy ](<http://www.ibm.com/support/docview.wss?uid=swg21688889>) | 2017-08-04 | 45 \n[1690336](<http://www.ibm.com/support/docview.wss?uid=swg21690336>) | [Migrate XGS policies before running 5.3 firmware update](<http://www.ibm.com/support/docview.wss?uid=swg21690336>) | 2017-09-04 | 46 \n[1967068](<http://www.ibm.com/support/docview.wss?uid=swg21967068>) | [\"Verifying checksums...\" displayed on the LCD of the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21967068>) | 2017-10-17 | 47 \n[1996658](<http://www.ibm.com/support/docview.wss?uid=swg21996658>) | [IBM Security Network Protection (XGS) generated support file has 0 Kb file size](<http://www.ibm.com/support/docview.wss?uid=swg21996658>) | 2018-05-01 | 48 \n[7048226](<http://www.ibm.com/support/docview.wss?uid=swg27048226>) | [IBM Support Open Mic Replay: Ask the InfraStructure Security Experts - 27 July 2016 [OpenSignature presentation is attached] ](<http://www.ibm.com/support/docview.wss?uid=swg27048226>) | 2017-04-15 | 49 \n[1645456](<http://www.ibm.com/support/docview.wss?uid=swg21645456>) | [Must exclude protection interface IP address from proxy configuration for IBM Security Network Protection appliances placed between users and proxy servers](<http://www.ibm.com/support/docview.wss?uid=swg21645456>) | 2017-04-14 | 50 \n[1685118](<http://www.ibm.com/support/docview.wss?uid=swg21685118>) | [Issues with Firefox version 31.x and 32.x and outbound SSL inspection using the IBM Security Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg21685118>) | 2017-08-29 | 51 \n[1697063](<http://www.ibm.com/support/docview.wss?uid=swg21697063>) | [Fixes included in 5.3.0.4-ISS-XGS-All-Models-Hotfix-FP0002 ](<http://www.ibm.com/support/docview.wss?uid=swg21697063>) | 2017-04-14 | 52 \n[1701033](<http://www.ibm.com/support/docview.wss?uid=swg21701033>) | [SNMP traffic lists protection interface address as source IP address](<http://www.ibm.com/support/docview.wss?uid=swg21701033>) | 2017-04-14 | 53 \n[1884020](<http://www.ibm.com/support/docview.wss?uid=swg21884020>) | [SiteProtector System does not display correct IP address for Network Security appliance in NAT environment](<http://www.ibm.com/support/docview.wss?uid=swg21884020>) | 2017-04-14 | 54 \n[1993269](<http://www.ibm.com/support/docview.wss?uid=swg21993269>) | [Firewall rules necessary to ensure X-Force Exchange site access](<http://www.ibm.com/support/docview.wss?uid=swg21993269>) | 2017-04-14 | 55 \n[1993349](<http://www.ibm.com/support/docview.wss?uid=swg21993349>) | [Impact of the 2016-12-31 leap second IBM Security Infrastructure products](<http://www.ibm.com/support/docview.wss?uid=swg21993349>) | 2018-05-23 | 56 \n[2002060](<http://www.ibm.com/support/docview.wss?uid=swg22002060>) | [ISNP/IQNS (XGS) YouTube Video Index](<http://www.ibm.com/support/docview.wss?uid=swg22002060>) | 2017-07-05 | 57 \n[7046993](<http://www.ibm.com/support/docview.wss?uid=swg27046993>) | [Open Mic Webcast: So I just deployed the IBM Security Network Protection Appliance - what do I do next? 18 November 2015 [Includes link to replay] [Slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27046993>) | 2017-06-05 | 58 \n[1599354](<http://www.ibm.com/support/docview.wss?uid=swg21599354>) | [Security Systems My Notifications subscription instructions](<http://www.ibm.com/support/docview.wss?uid=swg21599354>) | 2017-04-14 | 59 \n[1655377](<http://www.ibm.com/support/docview.wss?uid=swg21655377>) | [Security Bulletin: Security Network Protection is affected by a cross-site scripting vulnerability (CVE-2013-5442)](<http://www.ibm.com/support/docview.wss?uid=swg21655377>) | 2018-02-15 | 60 \n[1667602](<http://www.ibm.com/support/docview.wss?uid=swg21667602>) | [Encryption used by the Network Protection (XGS) when communicating with ibmxpu.flexnetoperations.com](<http://www.ibm.com/support/docview.wss?uid=swg21667602>) | 2018-05-01 | 61 \n[1688002](<http://www.ibm.com/support/docview.wss?uid=swg21688002>) | [Known Issues for IBM Security Network Protection Firmware Version 5.3](<http://www.ibm.com/support/docview.wss?uid=swg21688002>) | 2017-04-14 | 62 \n[1692094](<http://www.ibm.com/support/docview.wss?uid=swg21692094>) | [Network Protection policies are missing from SiteProtector after upgrading firmware to 5.3 or 5.3.0.1](<http://www.ibm.com/support/docview.wss?uid=swg21692094>) | 2018-05-01 | 63 \n[1697667](<http://www.ibm.com/support/docview.wss?uid=swg21697667>) | [5.3.0.1-ISS-XGS-All-Models-Hotfix-FP0001 ](<http://www.ibm.com/support/docview.wss?uid=swg21697667>) | 2017-04-14 | 64 \n[1963637](<http://www.ibm.com/support/docview.wss?uid=swg21963637>) | [Disabling QRadar Network Security event posting to SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21963637>) | 2017-09-26 | 65 \n[1966075](<http://www.ibm.com/support/docview.wss?uid=swg21966075>) | [Severity-based event responses on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21966075>) | 2017-09-11 | 66 \n[1969771](<http://www.ibm.com/support/docview.wss?uid=swg21969771>) | [Security Bulletin: A vulnerability in Pluggable Authentication Modules (PAM) affects IBM Security Network Protection (CVE-2015-3238)](<http://www.ibm.com/support/docview.wss?uid=swg21969771>) | 2017-04-14 | 67 \n[1980537](<http://www.ibm.com/support/docview.wss?uid=swg21980537>) | [Disabling TCP timestamps on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21980537>) | 2018-05-28 | 68 \n[1984726](<http://www.ibm.com/support/docview.wss?uid=swg21984726>) | [Security Network Protection (XGS) appliances send packets out of order](<http://www.ibm.com/support/docview.wss?uid=swg21984726>) | 2018-05-01 | 69 \n[1988858](<http://www.ibm.com/support/docview.wss?uid=swg21988858>) | [Determine whether the XGS 5100 requires a 5.3.2.3 LCD Hotfix](<http://www.ibm.com/support/docview.wss?uid=swg21988858>) | 2017-08-24 | 70 \n[7048767](<http://www.ibm.com/support/docview.wss?uid=swg27048767>) | [Open Mic replay: Basic Troubleshooting of XGS - 22 September 2016 ](<http://www.ibm.com/support/docview.wss?uid=swg27048767>) | 2017-04-15 | 71 \n[1643250](<http://www.ibm.com/support/docview.wss?uid=swg21643250>) | [IBM Security Systems Infrastructure product aliases](<http://www.ibm.com/support/docview.wss?uid=swg21643250>) | 2017-09-04 | 72 \n[1665279](<http://www.ibm.com/support/docview.wss?uid=swg21665279>) | [Security Bulletin: IBM Security Network Protection System can be affected by vulnerabilities in Ruby on Rails and the Ruby language (CVE-2013-4492, CVE-2013-4164)](<http://www.ibm.com/support/docview.wss?uid=swg21665279>) | 2018-02-15 | 73 \n[1686343](<http://www.ibm.com/support/docview.wss?uid=swg21686343>) | [Confirm user name and reset password for the Logon-event Scanner](<http://www.ibm.com/support/docview.wss?uid=swg21686343>) | 2018-05-01 | 74 \n[1689782](<http://www.ibm.com/support/docview.wss?uid=swg21689782>) | [System Error Top 10 Applications: Unable to retrieve the data requested](<http://www.ibm.com/support/docview.wss?uid=swg21689782>) | 2017-04-14 | 75 \n[1987547](<http://www.ibm.com/support/docview.wss?uid=swg21987547>) | [Where can a customer obtain information about new network attacks? ](<http://www.ibm.com/support/docview.wss?uid=swg21987547>) | 2017-07-08 | 76 \n[1987984](<http://www.ibm.com/support/docview.wss?uid=swg21987984>) | [System Event code list for IBM Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21987984>) | 2018-06-03 | 77 \n[1988153](<http://www.ibm.com/support/docview.wss?uid=swg21988153>) | [Obtaining information about protection against new network attacks](<http://www.ibm.com/support/docview.wss?uid=swg21988153>) | 2017-09-18 | 78 \n[2011432](<http://www.ibm.com/support/docview.wss?uid=swg22011432>) | [FNXUD0002I system events in Monitoring mode on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22011432>) | 2018-02-19 | 79 \n \n\\+ Hardware\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1680286](<http://www.ibm.com/support/docview.wss?uid=swg21680286>) | [IBM QRadar Network Security IQNS (XGS) 3100/4100/5100/7100 hardware comparison and NIM configurations](<http://www.ibm.com/support/docview.wss?uid=swg21680286>) | 2018-05-01 | 1 \n[1455876](<http://www.ibm.com/support/docview.wss?uid=swg21455876>) | [Obtaining the serial number and model number from an IBM Security or Proventia appliance](<http://www.ibm.com/support/docview.wss?uid=swg21455876>) | 2018-01-01 | 2 \n[1684986](<http://www.ibm.com/support/docview.wss?uid=swg21684986>) | [Running Platform Hardware Diagnostics utility on the Security Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg21684986>) | 2018-05-01 | 3 \n[1691051](<http://www.ibm.com/support/docview.wss?uid=swg21691051>) | [IBM QRadar Network Security IQNS (XGS) appliance High Availability (HA) cabling guide](<http://www.ibm.com/support/docview.wss?uid=swg21691051>) | 2018-05-01 | 4 \n[1697576](<http://www.ibm.com/support/docview.wss?uid=swg21697576>) | [IBM Security RMA form](<http://www.ibm.com/support/docview.wss?uid=swg21697576>) | 2018-05-01 | 5 \n[1962052](<http://www.ibm.com/support/docview.wss?uid=swg21962052>) | [Customer Replaceable Unit (CRU) parts for IBM Infrastructure Security products](<http://www.ibm.com/support/docview.wss?uid=swg21962052>) | 2017-04-14 | 6 \n[1959769](<http://www.ibm.com/support/docview.wss?uid=swg21959769>) | [LED status indicators on the IBM Security Network Protection (XGS) and IBM Security Network Intrusion Prevention System (GX) appliances](<http://www.ibm.com/support/docview.wss?uid=swg21959769>) | 2018-05-01 | 7 \n[1959487](<http://www.ibm.com/support/docview.wss?uid=swg21959487>) | [Locating the serial number on IBM Security Network Protection (XGS) appliances](<http://www.ibm.com/support/docview.wss?uid=swg21959487>) | 2018-05-01 | 8 \n[1984376](<http://www.ibm.com/support/docview.wss?uid=swg21984376>) | [The Security Network Protection XGS 5100 10G NIMs are not recognized ](<http://www.ibm.com/support/docview.wss?uid=swg21984376>) | 2017-08-28 | 9 \n[1964988](<http://www.ibm.com/support/docview.wss?uid=swg21964988>) | [Configuring management interface link speed and duplex settings for QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21964988>) | 2017-09-04 | 10 \n[1980532](<http://www.ibm.com/support/docview.wss?uid=swg21980532>) | [IBM Security Network Protection (XGS) 7100 requires Network Interface Modules (NIM) with firmware 1.6.0 or higher](<http://www.ibm.com/support/docview.wss?uid=swg21980532>) | 2017-04-14 | 11 \n[2004899](<http://www.ibm.com/support/docview.wss?uid=swg22004899>) | [Hardware health check interval on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22004899>) | 2017-11-10 | 12 \n[1977921](<http://www.ibm.com/support/docview.wss?uid=swg21977921>) | [Speed and duplex settings are grayed out when using a 10G NIM module on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21977921>) | 2018-05-06 | 13 \n[2004680](<http://www.ibm.com/support/docview.wss?uid=swg22004680>) | [Manufacturing information for IBM Security hardware](<http://www.ibm.com/support/docview.wss?uid=swg22004680>) | 2018-05-21 | 14 \n[1883752](<http://www.ibm.com/support/docview.wss?uid=swg21883752>) | [Fiber optic cable types that can be used with the Security Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg21883752>) | 2017-04-14 | 15 \n[1903077](<http://www.ibm.com/support/docview.wss?uid=swg21903077>) | [Log information indicating A/C power reset is needed on IQNS](<http://www.ibm.com/support/docview.wss?uid=swg21903077>) | 2018-05-01 | 16 \n[1987913](<http://www.ibm.com/support/docview.wss?uid=swg21987913>) | [Link down to the network switch after restarting IBM Security Network Protection XGS 7100](<http://www.ibm.com/support/docview.wss?uid=swg21987913>) | 2017-04-14 | 17 \n[2001134](<http://www.ibm.com/support/docview.wss?uid=swg22001134>) | [Securely wipe a QRadar Network Security appliance](<http://www.ibm.com/support/docview.wss?uid=swg22001134>) | 2018-05-06 | 18 \n[1977445](<http://www.ibm.com/support/docview.wss?uid=swg21977445>) | [QRadar Network Security support for USB 3.0](<http://www.ibm.com/support/docview.wss?uid=swg21977445>) | 2018-05-01 | 19 \n \n\\+ Identity\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1667633](<http://www.ibm.com/support/docview.wss?uid=swg21667633>) | [Policy differences between the Security Network IPS and Security Network Protection System](<http://www.ibm.com/support/docview.wss?uid=swg21667633>) | 2018-05-01 | 1 \n[1980526](<http://www.ibm.com/support/docview.wss?uid=swg21980526>) | [Error: \"side-by-side configuration is incorrect\" when starting Security Logon Event Scanner](<http://www.ibm.com/support/docview.wss?uid=swg21980526>) | 2017-06-10 | 2 \n[1593164](<http://www.ibm.com/support/docview.wss?uid=swg21593164>) | [Downloading the Security Logon-event Scanner software](<http://www.ibm.com/support/docview.wss?uid=swg21593164>) | 2017-06-10 | 3 \n[1981955](<http://www.ibm.com/support/docview.wss?uid=swg21981955>) | [Common issues when configuring Passive Authentication and the Logon-event Scanner for the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21981955>) | 2017-04-23 | 4 \n[1980531](<http://www.ibm.com/support/docview.wss?uid=swg21980531>) | [Security Network Protection Passive Authentication is logging events from authenticated users as \"unauthenticated user\"](<http://www.ibm.com/support/docview.wss?uid=swg21980531>) | 2017-08-02 | 5 \n[1990089](<http://www.ibm.com/support/docview.wss?uid=swg21990089>) | [Installing Logon-event Scanner version 7.0](<http://www.ibm.com/support/docview.wss?uid=swg21990089>) | 2017-05-24 | 6 \n[1667487](<http://www.ibm.com/support/docview.wss?uid=swg21667487>) | [Authentication portal session timeout information for the Security Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg21667487>) | 2018-05-01 | 7 \n[1698729](<http://www.ibm.com/support/docview.wss?uid=swg21698729>) | [Error when adding Remote Identity Objects on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21698729>) | 2017-04-14 | 8 \n[1990094](<http://www.ibm.com/support/docview.wss?uid=swg21990094>) | [No active sessions in Security Network Protection (XGS) after installing Logon-event Scanner version 7.0](<http://www.ibm.com/support/docview.wss?uid=swg21990094>) | 2017-07-12 | 9 \n[2004901](<http://www.ibm.com/support/docview.wss?uid=swg22004901>) | [Active Directory authentication fails on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22004901>) | 2017-12-13 | 10 \n[1695029](<http://www.ibm.com/support/docview.wss?uid=swg21695029>) | [Configuring protection interfaces for the Captive Authentication portal](<http://www.ibm.com/support/docview.wss?uid=swg21695029>) | 2018-05-01 | 11 \n[1672960](<http://www.ibm.com/support/docview.wss?uid=swg21672960>) | [Error when trying to add Remote Identity objects on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21672960>) | 2017-09-26 | 12 \n[1696727](<http://www.ibm.com/support/docview.wss?uid=swg21696727>) | [Logon-event Scanner service stops on the Active Directory server](<http://www.ibm.com/support/docview.wss?uid=swg21696727>) | 2018-05-01 | 13 \n[1990090](<http://www.ibm.com/support/docview.wss?uid=swg21990090>) | [Managing Logon-event Scanner Version 7.0](<http://www.ibm.com/support/docview.wss?uid=swg21990090>) | 2017-04-14 | 14 \n[1649622](<http://www.ibm.com/support/docview.wss?uid=swg21649622>) | [Inbound connections fail when user authentication does not include a destination object specifying which adapters are external](<http://www.ibm.com/support/docview.wss?uid=swg21649622>) | 2017-04-14 | 15 \n[1696728](<http://www.ibm.com/support/docview.wss?uid=swg21696728>) | [Logon-event Scanner is unable to process Russian characters](<http://www.ibm.com/support/docview.wss?uid=swg21696728>) | 2017-04-14 | 16 \n[1973114](<http://www.ibm.com/support/docview.wss?uid=swg21973114>) | [Security Logon-event Scanner does not report active sessions when domain names do not match](<http://www.ibm.com/support/docview.wss?uid=swg21973114>) | 2017-04-23 | 17 \n[1975846](<http://www.ibm.com/support/docview.wss?uid=swg21975846>) | [Network Protection (XGS) - Passively authenticated users or group-based NAP rules do not match](<http://www.ibm.com/support/docview.wss?uid=swg21975846>) | 2018-05-01 | 18 \n[1980530](<http://www.ibm.com/support/docview.wss?uid=swg21980530>) | [Security Logon-event Scanner Domain Administrator account is not seen as an active session by the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21980530>) | 2018-05-28 | 19 \n[1980552](<http://www.ibm.com/support/docview.wss?uid=swg21980552>) | [Logon-event Scanner can no longer communicate with the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21980552>) | 2017-05-28 | 20 \n \n\\+ Installation\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1964546](<http://www.ibm.com/support/docview.wss?uid=swg21964546>) | [IBM QRadar Network Security IQNS (XGS) and Security Network IPS (GX) cabling guidelines](<http://www.ibm.com/support/docview.wss?uid=swg21964546>) | 2018-05-01 | 1 \n[1964989](<http://www.ibm.com/support/docview.wss?uid=swg21964989>) | [Error: \"Character content other than whitespace\" after reimaging or updating an XGS sensor](<http://www.ibm.com/support/docview.wss?uid=swg21964989>) | 2017-09-04 | 2 \n[1962633](<http://www.ibm.com/support/docview.wss?uid=swg21962633>) | [IBM Security Network Protection (XGS) and Network Intrusion Prevention (IPS) install guidelines after a replacement unit (RMA) was received](<http://www.ibm.com/support/docview.wss?uid=swg21962633>) | 2017-06-19 | 3 \n[1962593](<http://www.ibm.com/support/docview.wss?uid=swg21962593>) | [Moving Security Network Protection policies to a new SiteProtector system](<http://www.ibm.com/support/docview.wss?uid=swg21962593>) | 2017-04-14 | 4 \n[1694346](<http://www.ibm.com/support/docview.wss?uid=swg21694346>) | [Security Network Protection (XGS) System error when registing with SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21694346>) | 2018-05-01 | 5 \n \n\\+ Interim Fixes\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1966077](<http://www.ibm.com/support/docview.wss?uid=swg21966077>) | [Certificate \"expired or is near expiration\" message after you import a new LMI certificate on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21966077>) | 2017-09-18 | 1 \n[1677166](<http://www.ibm.com/support/docview.wss?uid=swg21677166>) | [Fixes and patches available for IBM Security products](<http://www.ibm.com/support/docview.wss?uid=swg21677166>) | 2018-05-13 | 2 \n[1700713](<http://www.ibm.com/support/docview.wss?uid=swg21700713>) | [IBM Security Network Protection (XGS) firmware 5.3.0.5 release notes](<http://www.ibm.com/support/docview.wss?uid=swg21700713>) | 2018-05-01 | 3 \n[1961507](<http://www.ibm.com/support/docview.wss?uid=swg21961507>) | [Security Network Protection sensor vulnerability to CVE-2014-2532](<http://www.ibm.com/support/docview.wss?uid=swg21961507>) | 2017-10-23 | 4 \n[1902778](<http://www.ibm.com/support/docview.wss?uid=swg21902778>) | [Security Network Protection firmware 5.3.1 release notes](<http://www.ibm.com/support/docview.wss?uid=swg21902778>) | 2018-05-01 | 5 \n[1960788](<http://www.ibm.com/support/docview.wss?uid=swg21960788>) | [5.3.1.1-ISS-XGS-All-Models-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21960788>) | 2018-05-01 | 6 \n[2000334](<http://www.ibm.com/support/docview.wss?uid=swg22000334>) | [5.3.3.2-ISS-XGS-All-Models-Hotfix-IF0003](<http://www.ibm.com/support/docview.wss?uid=swg22000334>) | 2017-06-30 | 7 \n[1959193](<http://www.ibm.com/support/docview.wss?uid=swg21959193>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0009 ](<http://www.ibm.com/support/docview.wss?uid=swg21959193>) | 2018-05-13 | 8 \n[1959666](<http://www.ibm.com/support/docview.wss?uid=swg21959666>) | [5.3.0.6-ISS-XGS-All-Models-IF0002](<http://www.ibm.com/support/docview.wss?uid=swg21959666>) | 2018-05-21 | 9 \n[1972784](<http://www.ibm.com/support/docview.wss?uid=swg21972784>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0013](<http://www.ibm.com/support/docview.wss?uid=swg21972784>) | 2017-04-14 | 10 \n[1690659](<http://www.ibm.com/support/docview.wss?uid=swg21690659>) | [5.3.0.0-ISS-XGS-All-Models-Hotfix-FP0001](<http://www.ibm.com/support/docview.wss?uid=swg21690659>) | 2017-04-14 | 11 \n[1664576](<http://www.ibm.com/support/docview.wss?uid=swg21664576>) | [5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0002](<http://www.ibm.com/support/docview.wss?uid=swg21664576>) | 2017-04-14 | 12 \n[1681073](<http://www.ibm.com/support/docview.wss?uid=swg21681073>) | [5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0006](<http://www.ibm.com/support/docview.wss?uid=swg21681073>) | 2017-06-24 | 13 \n[1685298](<http://www.ibm.com/support/docview.wss?uid=swg21685298>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0004](<http://www.ibm.com/support/docview.wss?uid=swg21685298>) | 2018-05-01 | 14 \n[1685299](<http://www.ibm.com/support/docview.wss?uid=swg21685299>) | [5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0012](<http://www.ibm.com/support/docview.wss?uid=swg21685299>) | 2018-05-01 | 15 \n[1685300](<http://www.ibm.com/support/docview.wss?uid=swg21685300>) | [5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0007](<http://www.ibm.com/support/docview.wss?uid=swg21685300>) | 2018-05-01 | 16 \n[1685301](<http://www.ibm.com/support/docview.wss?uid=swg21685301>) | [5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0008](<http://www.ibm.com/support/docview.wss?uid=swg21685301>) | 2018-05-01 | 17 \n[1685302](<http://www.ibm.com/support/docview.wss?uid=swg21685302>) | [5.1.2.1-ISS-XGS-All-Models-Hotfix-FP0004](<http://www.ibm.com/support/docview.wss?uid=swg21685302>) | 2018-05-01 | 18 \n[1690850](<http://www.ibm.com/support/docview.wss?uid=swg21690850>) | [5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0013](<http://www.ibm.com/support/docview.wss?uid=swg21690850>) | 2017-04-14 | 19 \n[1690851](<http://www.ibm.com/support/docview.wss?uid=swg21690851>) | [5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0008](<http://www.ibm.com/support/docview.wss?uid=swg21690851>) | 2017-04-14 | 20 \n[1693604](<http://www.ibm.com/support/docview.wss?uid=swg21693604>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0006](<http://www.ibm.com/support/docview.wss?uid=swg21693604>) | 2017-04-14 | 21 \n[1696054](<http://www.ibm.com/support/docview.wss?uid=swg21696054>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0007](<http://www.ibm.com/support/docview.wss?uid=swg21696054>) | 2018-05-01 | 22 \n[1700617](<http://www.ibm.com/support/docview.wss?uid=swg21700617>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0008](<http://www.ibm.com/support/docview.wss?uid=swg21700617>) | 2017-04-23 | 23 \n[1903749](<http://www.ibm.com/support/docview.wss?uid=swg21903749>) | [5.3.0.6-ISS-XGS-All-Models-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21903749>) | 2018-05-01 | 24 \n[1960784](<http://www.ibm.com/support/docview.wss?uid=swg21960784>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP00010](<http://www.ibm.com/support/docview.wss?uid=swg21960784>) | 2018-05-01 | 25 \n[1960785](<http://www.ibm.com/support/docview.wss?uid=swg21960785>) | [5.3.0.6-ISS-XGS-All-Models-IF0003](<http://www.ibm.com/support/docview.wss?uid=swg21960785>) | 2018-05-21 | 26 \n[1968790](<http://www.ibm.com/support/docview.wss?uid=swg21968790>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0012](<http://www.ibm.com/support/docview.wss?uid=swg21968790>) | 2017-09-26 | 27 \n[1975563](<http://www.ibm.com/support/docview.wss?uid=swg21975563>) | [5.3.1.7-ISS-XGS-All-Models-Hotfix-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21975563>) | 2017-04-14 | 28 \n \n\\+ Intrusion Prevention Module (IPM)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1680386](<http://www.ibm.com/support/docview.wss?uid=swg21680386>) | [Migrating existing Security Network IPS policies to the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21680386>) | 2018-05-01 | 1 \n[1962048](<http://www.ibm.com/support/docview.wss?uid=swg21962048>) | [Difference between Allow and Ignore in the IPS Event Filter Policy on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21962048>) | 2017-09-04 | 2 \n[1695087](<http://www.ibm.com/support/docview.wss?uid=swg21695087>) | [Warning: RSYSLOG response: LEEF message is truncated, IBM QRadar Network Security IQNS (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21695087>) | 2018-05-01 | 3 \n[1958077](<http://www.ibm.com/support/docview.wss?uid=swg21958077>) | [XML content of policy export on Network IPS and Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21958077>) | 2017-08-02 | 4 \n[1660083](<http://www.ibm.com/support/docview.wss?uid=swg21660083>) | [QRadar SIEM only logging Network Access events but not IPS Security Events from Security Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21660083>) | 2017-04-14 | 5 \n[1687457](<http://www.ibm.com/support/docview.wss?uid=swg21687457>) | [Certain security events can only be used in the Default IPS policy object on the IBM QRadar Network Security IQNS/XGS sensor](<http://www.ibm.com/support/docview.wss?uid=swg21687457>) | 2018-05-01 | 6 \n[7047767](<http://www.ibm.com/support/docview.wss?uid=swg27047767>) | [XGS Open Mic Webcast: Application Control and IP Reputation Demystified! Thursday, 31 March 2016 [Includes attached presentation and link to replay]](<http://www.ibm.com/support/docview.wss?uid=swg27047767>) | 2017-04-15 | 7 \n[1682385](<http://www.ibm.com/support/docview.wss?uid=swg21682385>) | [IBM Qradar Network Security -IQNS (XGS) not firing IPS events after being registered in SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21682385>) | 2018-05-01 | 8 \n[1963728](<http://www.ibm.com/support/docview.wss?uid=swg21963728>) | [IBM Security Network Protection (XGS) security events UNIX timestamp conversion tool](<http://www.ibm.com/support/docview.wss?uid=swg21963728>) | 2017-04-16 | 9 \n[1696200](<http://www.ibm.com/support/docview.wss?uid=swg21696200>) | [Logging URL data from Network Access events](<http://www.ibm.com/support/docview.wss?uid=swg21696200>) | 2018-05-01 | 10 \n[1699305](<http://www.ibm.com/support/docview.wss?uid=swg21699305>) | [System error shows \"Issue ID: value already exists\" when attempting to add/edit IPS Event Filter rules](<http://www.ibm.com/support/docview.wss?uid=swg21699305>) | 2017-04-14 | 11 \n \n\\+ Licensing and Updates (LUM)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1679077](<http://www.ibm.com/support/docview.wss?uid=swg21679077>) | [Steps to generate or regenerate license keys from the IBM License Key Center](<http://www.ibm.com/support/docview.wss?uid=swg21679077>) | 2018-05-01 | 1 \n[1680383](<http://www.ibm.com/support/docview.wss?uid=swg21680383>) | [IBM QRadar Network Security IQNS (XGS) licensing summary](<http://www.ibm.com/support/docview.wss?uid=swg21680383>) | 2018-05-01 | 2 \n[1437057](<http://www.ibm.com/support/docview.wss?uid=swg21437057>) | [Firewall rules necessary to ensure that IBM Security and Lotus Protector for Mail Security Products can update](<http://www.ibm.com/support/docview.wss?uid=swg21437057>) | 2017-09-10 | 3 \n[1965396](<http://www.ibm.com/support/docview.wss?uid=swg21965396>) | [Best practices for firmware upgrades on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21965396>) | 2017-06-10 | 4 \n[1961077](<http://www.ibm.com/support/docview.wss?uid=swg21961077>) | [Manually applying updates on the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21961077>) | 2017-05-13 | 5 \n[1678995](<http://www.ibm.com/support/docview.wss?uid=swg21678995>) | [IBM QRadar Network Security IQNS (XGS) does not apply all currently entitled licenses after it is registered with SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21678995>) | 2018-05-01 | 6 \n[1964486](<http://www.ibm.com/support/docview.wss?uid=swg21964486>) | [Internet access configuration for Application Database updates on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21964486>) | 2018-05-01 | 7 \n[1693920](<http://www.ibm.com/support/docview.wss?uid=swg21693920>) | [Network Protection (XGS) firmware update fails to install](<http://www.ibm.com/support/docview.wss?uid=swg21693920>) | 2018-05-01 | 8 \n[1610380](<http://www.ibm.com/support/docview.wss?uid=swg21610380>) | [Adding or Changing Registered End Users (REUs) in Flexera Licensing Key Center (LKC)](<http://www.ibm.com/support/docview.wss?uid=swg21610380>) | 2017-09-07 | 9 \n[1988156](<http://www.ibm.com/support/docview.wss?uid=swg21988156>) | [Security Network Protection license refresh timing in SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21988156>) | 2017-04-14 | 10 \n[1996659](<http://www.ibm.com/support/docview.wss?uid=swg21996659>) | [GLGUP1012E alerts on IBM Security Network Protection (XGS) not configured for internet access](<http://www.ibm.com/support/docview.wss?uid=swg21996659>) | 2018-05-01 | 11 \n[1970863](<http://www.ibm.com/support/docview.wss?uid=swg21970863>) | [Possible memory leak in 5.3.1.5 firmware release](<http://www.ibm.com/support/docview.wss?uid=swg21970863>) | 2017-04-14 | 12 \n[1986089](<http://www.ibm.com/support/docview.wss?uid=swg21986089>) | [License expiration date does not change after adding a new license to the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21986089>) | 2017-08-28 | 13 \n[1975847](<http://www.ibm.com/support/docview.wss?uid=swg21975847>) | [Unable to find recently purchased licenses for IBM Security products](<http://www.ibm.com/support/docview.wss?uid=swg21975847>) | 2018-05-01 | 14 \n \n\\+ Local Management Interface (LMI)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[2007513](<http://www.ibm.com/support/docview.wss?uid=swg22007513>) | [Error: \"Failed to find an app server\" and web interface not accessible on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg22007513>) | 2017-09-08 | 1 \n[1976862](<http://www.ibm.com/support/docview.wss?uid=swg21976862>) | [LMI certificate management on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21976862>) | 2018-02-26 | 2 \n[1983851](<http://www.ibm.com/support/docview.wss?uid=swg21983851>) | [Change the Security Network Protection (XGS) default administrator password in the Local Management Interface (LMI)](<http://www.ibm.com/support/docview.wss?uid=swg21983851>) | 2018-05-01 | 3 \n[1766545](<http://www.ibm.com/support/docview.wss?uid=swg21766545>) | [Configuring multiple accounts for LMI and CLI on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21766545>) | 2018-05-20 | 4 \n[1983880](<http://www.ibm.com/support/docview.wss?uid=swg21983880>) | [Token-based two-factor authentication on QRadar Network Security and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21983880>) | 2017-05-28 | 5 \n[1883738](<http://www.ibm.com/support/docview.wss?uid=swg21883738>) | [Disabling weak ciphers for the LMI of the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21883738>) | 2018-02-01 | 6 \n[1988154](<http://www.ibm.com/support/docview.wss?uid=swg21988154>) | [Internet Explorer Compatibility View mode causes LMI issues on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21988154>) | 2017-08-28 | 7 \n[1969071](<http://www.ibm.com/support/docview.wss?uid=swg21969071>) | [LMI is inaccessible after replacing the certificate on QRadar Network Protection (XGS) sensors](<http://www.ibm.com/support/docview.wss?uid=swg21969071>) | 2017-10-01 | 8 \n[1990349](<http://www.ibm.com/support/docview.wss?uid=swg21990349>) | [Error: \"The page you were looking for doesn't exist\" on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21990349>) | 2017-04-14 | 9 \n[1595890](<http://www.ibm.com/support/docview.wss?uid=swg21595890>) | [Supported Browsers for the IBM Security Network Protection Appliance](<http://www.ibm.com/support/docview.wss?uid=swg21595890>) | 2017-04-14 | 10 \n[1682813](<http://www.ibm.com/support/docview.wss?uid=swg21682813>) | [Blank Interface Statistics Graphs in the Local Management Interface (LMI)](<http://www.ibm.com/support/docview.wss?uid=swg21682813>) | 2018-05-01 | 11 \n[1970018](<http://www.ibm.com/support/docview.wss?uid=swg21970018>) | [Certficate in Awaiting CA Certificate Upload status for the Security Network Protection LMI](<http://www.ibm.com/support/docview.wss?uid=swg21970018>) | 2017-04-14 | 12 \n[1983898](<http://www.ibm.com/support/docview.wss?uid=swg21983898>) | [Unable to access LMI after applying fix pack 5.3.X-ISS-XGS-Remove-LMI-Certs to a Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21983898>) | 2017-04-14 | 13 \n[1968985](<http://www.ibm.com/support/docview.wss?uid=swg21968985>) | [Unable to access the LMI in Firefox after configuring FIPS on the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21968985>) | 2017-04-14 | 14 \n[2000598](<http://www.ibm.com/support/docview.wss?uid=swg22000598>) | [Unable to add SNMP object to Security Network Protection at firmware 5.3.3.2](<http://www.ibm.com/support/docview.wss?uid=swg22000598>) | 2018-05-01 | 15 \n[1713633](<http://www.ibm.com/support/docview.wss?uid=swg21713633>) | [Local event data retention settings on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21713633>) | 2018-05-28 | 16 \n[1963516](<http://www.ibm.com/support/docview.wss?uid=swg21963516>) | [System Error when using a third-party certificate in QRadar Network Security LMI](<http://www.ibm.com/support/docview.wss?uid=swg21963516>) | 2017-09-26 | 17 \n[1989975](<http://www.ibm.com/support/docview.wss?uid=swg21989975>) | [Hardcoding speed and duplex on M.1 might not work on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21989975>) | 2017-10-02 | 18 \n[1987436](<http://www.ibm.com/support/docview.wss?uid=swg21987436>) | [Access to captive portal using IPv6 address fails on IBM Security Network Protection appliances (XGS). ](<http://www.ibm.com/support/docview.wss?uid=swg21987436>) | 2017-04-14 | 19 \n[1661873](<http://www.ibm.com/support/docview.wss?uid=swg21661873>) | [Unable to download support files from an QRadar Network Security with IE Enhanced Security Configuration installed](<http://www.ibm.com/support/docview.wss?uid=swg21661873>) | 2018-05-01 | 20 \n[1983889](<http://www.ibm.com/support/docview.wss?uid=swg21983889>) | [HTTP 500 Internal Server Error when accessing the Security Network Protection (XGS) Local Management Interface (LMI)](<http://www.ibm.com/support/docview.wss?uid=swg21983889>) | 2018-05-01 | 21 \n[1597885](<http://www.ibm.com/support/docview.wss?uid=swg21597885>) | [Multiselect does not work properly](<http://www.ibm.com/support/docview.wss?uid=swg21597885>) | 2017-04-14 | 22 \n[1598332](<http://www.ibm.com/support/docview.wss?uid=swg21598332>) | [System Error - Tried to register widget with id==logdb_edit_dialog but that id is already registered](<http://www.ibm.com/support/docview.wss?uid=swg21598332>) | 2017-04-14 | 23 \n[1686991](<http://www.ibm.com/support/docview.wss?uid=swg21686991>) | [Captive authentication page occasionally fails to redirect the user on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21686991>) | 2018-05-01 | 24 \n[1986359](<http://www.ibm.com/support/docview.wss?uid=swg21986359>) | [The search bar in the IBM Security Network Protection Local Management Interface (LMI) help is not responding and searches can not be made.](<http://www.ibm.com/support/docview.wss?uid=swg21986359>) | 2017-04-14 | 25 \n[1999059](<http://www.ibm.com/support/docview.wss?uid=swg21999059>) | [LMI network graphs unreadable when using Chrome 56 on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21999059>) | 2017-06-10 | 26 \n[1999115](<http://www.ibm.com/support/docview.wss?uid=swg21999115>) | [Unable to access LMI after modifying the management IP address on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21999115>) | 2018-01-01 | 27 \n \n\\+ Network Access Policy\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1961068](<http://www.ibm.com/support/docview.wss?uid=swg21961068>) | [Blocking IP spoofed traffic with a QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21961068>) | 2017-08-28 | 1 \n[1983899](<http://www.ibm.com/support/docview.wss?uid=swg21983899>) | [Security Network Protection (XGS) Network Access Policy rules not working](<http://www.ibm.com/support/docview.wss?uid=swg21983899>) | 2017-06-19 | 2 \n[1961506](<http://www.ibm.com/support/docview.wss?uid=swg21961506>) | [IP reputation and geolocation information in NAP events on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21961506>) | 2017-10-16 | 3 \n[1990362](<http://www.ibm.com/support/docview.wss?uid=swg21990362>) | [Default IPS policy usage in NAP rules on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21990362>) | 2017-04-14 | 4 \n[1995199](<http://www.ibm.com/support/docview.wss?uid=swg21995199>) | [Configure Network Access Policies for the IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21995199>) | 2017-04-14 | 5 \n[1962639](<http://www.ibm.com/support/docview.wss?uid=swg21962639>) | [Security Network Protection and Security Network IPS remote syslog logging facility](<http://www.ibm.com/support/docview.wss?uid=swg21962639>) | 2017-06-19 | 6 \n[1968101](<http://www.ibm.com/support/docview.wss?uid=swg21968101>) | [Drop or Reject Actions do not appear to apply for some rules on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21968101>) | 2017-10-17 | 7 \n[1974709](<http://www.ibm.com/support/docview.wss?uid=swg21974709>) | [Remote Syslog over TLS setup](<http://www.ibm.com/support/docview.wss?uid=swg21974709>) | 2017-12-12 | 8 \n[1990338](<http://www.ibm.com/support/docview.wss?uid=swg21990338>) | [Custom NAP rule naming on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21990338>) | 2018-05-23 | 9 \n[1698766](<http://www.ibm.com/support/docview.wss?uid=swg21698766>) | [Blocking specific ports by using Network Access policy on the Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21698766>) | 2018-05-01 | 10 \n[1750419](<http://www.ibm.com/support/docview.wss?uid=swg21750419>) | [Security Network Protection (XGS) is not blocking a URL with \"?\" parameter value](<http://www.ibm.com/support/docview.wss?uid=swg21750419>) | 2017-04-14 | 11 \n[1968211](<http://www.ibm.com/support/docview.wss?uid=swg21968211>) | [Default behavior for traffic that does not match any NAP rule on Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21968211>) | 2017-10-23 | 12 \n[1435089](<http://www.ibm.com/support/docview.wss?uid=swg21435089>) | [Unable to see newly added Network Objects or Response Objects in XGS Response Rules](<http://www.ibm.com/support/docview.wss?uid=swg21435089>) | 2017-04-14 | 13 \n[1700929](<http://www.ibm.com/support/docview.wss?uid=swg21700929>) | [Security Network Protection (XGS) block page is not found for NAP rules by using domain category and domain list objects](<http://www.ibm.com/support/docview.wss?uid=swg21700929>) | 2018-05-01 | 14 \n[1986086](<http://www.ibm.com/support/docview.wss?uid=swg21986086>) | [Error: \"Field must be between 0 and 255 in length\" when adding a rule to a QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21986086>) | 2017-08-28 | 15 \n[1644712](<http://www.ibm.com/support/docview.wss?uid=swg21644712>) | [LMI allows deletion of remote directory server that is referenced in an identity object](<http://www.ibm.com/support/docview.wss?uid=swg21644712>) | 2017-04-14 | 16 \n[1698149](<http://www.ibm.com/support/docview.wss?uid=swg21698149>) | [Error: \"Invalid scope\" on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21698149>) | 2017-04-14 | 17 \n[1644593](<http://www.ibm.com/support/docview.wss?uid=swg21644593>) | [IBM Security Network Protection does not detect ping echo replies](<http://www.ibm.com/support/docview.wss?uid=swg21644593>) | 2017-09-06 | 18 \n[1683989](<http://www.ibm.com/support/docview.wss?uid=swg21683989>) | [Some Network Access policy events don't contain URL Categories or Web Application information](<http://www.ibm.com/support/docview.wss?uid=swg21683989>) | 2018-05-01 | 19 \n[1975227](<http://www.ibm.com/support/docview.wss?uid=swg21975227>) | [Multiple changes to the Network Access Policy may cause a network interruption on the Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21975227>) | 2018-05-01 | 20 \n[1976509](<http://www.ibm.com/support/docview.wss?uid=swg21976509>) | [Using geolocation objects on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21976509>) | 2017-08-24 | 21 \n[1983886](<http://www.ibm.com/support/docview.wss?uid=swg21983886>) | [Creating Geolocation objects in the Event Filter policy](<http://www.ibm.com/support/docview.wss?uid=swg21983886>) | 2018-05-01 | 22 \n[2013039](<http://www.ibm.com/support/docview.wss?uid=swg22013039>) | [Stateful inspection on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22013039>) | 2018-02-19 | 23 \n \n\\+ Network Interface Module (NIM)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1698147](<http://www.ibm.com/support/docview.wss?uid=swg21698147>) | [Replacing network interface modules (NIMs) in the XGS appliance](<http://www.ibm.com/support/docview.wss?uid=swg21698147>) | 2018-01-29 | 1 \n[1666254](<http://www.ibm.com/support/docview.wss?uid=swg21666254>) | [Network Protection (XGS) policy changes that cause a link state change](<http://www.ibm.com/support/docview.wss?uid=swg21666254>) | 2018-05-01 | 2 \n[1987202](<http://www.ibm.com/support/docview.wss?uid=swg21987202>) | [40Gb Network Interface Module (NIM) update IBM QRadar Network Security (IQNS) 7100](<http://www.ibm.com/support/docview.wss?uid=swg21987202>) | 2018-05-01 | 3 \n \n\\+ Not Applicable\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1662387](<http://www.ibm.com/support/docview.wss?uid=swg21662387>) | [Agent Alert POST](<http://www.ibm.com/support/docview.wss?uid=swg21662387>) | 2017-08-24 | 1 \n[7045692](<http://www.ibm.com/support/docview.wss?uid=swg27045692>) | [Open Mic Webcast: How to Deploy and Configure the XGS - Wednesday, 20 May 2015 [includes link to recorded session; presentation slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27045692>) | 2018-05-23 | 2 \n[1689158](<http://www.ibm.com/support/docview.wss?uid=swg21689158>) | [Security Bulletin: Vulnerability in SSLv3 affects multiple IBM Security Infrastructure appliances (CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21689158>) | 2018-02-15 | 3 \n[2001436](<http://www.ibm.com/support/docview.wss?uid=swg22001436>) | [PAM Statistics info and OID listing for QRadar Network Security (XGS) at XPU 37.030](<http://www.ibm.com/support/docview.wss?uid=swg22001436>) | 2018-05-01 | 4 \n[1987437](<http://www.ibm.com/support/docview.wss?uid=swg21987437>) | [Receiving warning messages when deploying policies that require restarting Analysis Daemon](<http://www.ibm.com/support/docview.wss?uid=swg21987437>) | 2017-04-14 | 5 \n[7047367](<http://www.ibm.com/support/docview.wss?uid=swg27047367>) | [Open Mic Webcast: XGS: Advanced Threat Protection Integration Options (QRadar export) - 28 January 2016 [Includes link to replay. Presentation is attached.]](<http://www.ibm.com/support/docview.wss?uid=swg27047367>) | 2017-04-15 | 6 \n[7045508](<http://www.ibm.com/support/docview.wss?uid=swg27045508>) | [Open Mic Webcast: Policy Migration from GX to XGS - Tuesday, 28 April 2015 [includes link to recorded event; presentation slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27045508>) | 2018-05-23 | 7 \n[7049643](<http://www.ibm.com/support/docview.wss?uid=swg27049643>) | [Open Mic: IQNS (XGS) X-Force Malware Analysis on the Cloud - 24 May 2017 (Includes link to replay. Slides are attached.)](<http://www.ibm.com/support/docview.wss?uid=swg27049643>) | 2017-06-05 | 8 \n[1690823](<http://www.ibm.com/support/docview.wss?uid=swg21690823>) | [Security Bulletin: IBM Security Network Protection is affected by Shell Command Injection vulnerability (CVE-2014-6183)](<http://www.ibm.com/support/docview.wss?uid=swg21690823>) | 2018-02-15 | 9 \n[7047876](<http://www.ibm.com/support/docview.wss?uid=swg27047876>) | [Infrastructure Support Open Mic Webcast: IBM Threat Protection System with XGS-QRadar Integration - 25 May 2016 [includes link to replay; presentation is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27047876>) | 2018-02-15 | 10 \n[1974288](<http://www.ibm.com/support/docview.wss?uid=swg21974288>) | [IBM Security Network Protection 5.3.2 Web Services API ](<http://www.ibm.com/support/docview.wss?uid=swg21974288>) | 2017-04-14 | 11 \n[7044438](<http://www.ibm.com/support/docview.wss?uid=swg27044438>) | [Open Mic Webcast for IBM Security Network Protection: Troubleshooting the XGS appliance - 20 January 2015 [includes link to replay; presentation slides are attached] ](<http://www.ibm.com/support/docview.wss?uid=swg27044438>) | 2018-05-23 | 12 \n[1690822](<http://www.ibm.com/support/docview.wss?uid=swg21690822>) | [Security Bulletin: Vulnerability in SSLv3 affects Network Protection (CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21690822>) | 2018-02-15 | 13 \n[1696131](<http://www.ibm.com/support/docview.wss?uid=swg21696131>) | [Security Bulletin: GNU C library (glibc) vulnerability affects IBM Security Network Protection (CVE-2015-0235)](<http://www.ibm.com/support/docview.wss?uid=swg21696131>) | 2018-02-15 | 14 \n[7045078](<http://www.ibm.com/support/docview.wss?uid=swg27045078>) | [Open Mic Webcast for controlling internet access with XGS: a configuration walkthrough of user authentication - Wednesday, 4 March 2015 [inclues link to recording; slide deck is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27045078>) | 2018-05-23 | 15 \n[7046280](<http://www.ibm.com/support/docview.wss?uid=swg27046280>) | [Open Mic Webcast: XGS - Keeping up with threat infrastructure by using alerts and audits - 26 August 2015 [presentation slides are attached; includes link to replay]](<http://www.ibm.com/support/docview.wss?uid=swg27046280>) | 2017-04-15 | 16 \n[1676529](<http://www.ibm.com/support/docview.wss?uid=swg21676529>) | [Security Bulletin: IBM Security Network Protection is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470 ](<http://www.ibm.com/support/docview.wss?uid=swg21676529>) | 2018-02-15 | 17 \n[1680803](<http://www.ibm.com/support/docview.wss?uid=swg21680803>) | [Security Bulletin: IBM Security Network Protection System CPU Utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21680803>) | 2018-02-15 | 18 \n[1693542](<http://www.ibm.com/support/docview.wss?uid=swg21693542>) | [Security Bulletin: IBM Security Network Protection is affected by ClickJacking vulnerability CVE-2014-6197](<http://www.ibm.com/support/docview.wss?uid=swg21693542>) | 2018-02-15 | 19 \n[1958090](<http://www.ibm.com/support/docview.wss?uid=swg21958090>) | [Security Bulletin: IBM Security Network Protection contains a Cross-Site Request Forgery vulnerability. ](<http://www.ibm.com/support/docview.wss?uid=swg21958090>) | 2018-02-15 | 20 \n[2002436](<http://www.ibm.com/support/docview.wss?uid=swg22002436>) | [Increased memory utilization in QRadar Network Security firmware 5.4](<http://www.ibm.com/support/docview.wss?uid=swg22002436>) | 2018-05-01 | 21 \n[1684903](<http://www.ibm.com/support/docview.wss?uid=swg21684903>) | [Security Bulletin: Network Protection is affected by multiple OpenSSL vulnerabilities (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3511) ](<http://www.ibm.com/support/docview.wss?uid=swg21684903>) | 2018-02-15 | 22 \n[1696906](<http://www.ibm.com/support/docview.wss?uid=swg21696906>) | [Security Bulletin: IBM Security Network Protection is affected by OpenSSL vulnerabilities (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, and CVE-2015-0206)](<http://www.ibm.com/support/docview.wss?uid=swg21696906>) | 2018-02-15 | 23 \n[1697248](<http://www.ibm.com/support/docview.wss?uid=swg21697248>) | [Security Bulletin: IBM Security Network Protection is vulnerable to Cross-Site Scripting. (CVE-2014-6189)](<http://www.ibm.com/support/docview.wss?uid=swg21697248>) | 2018-02-15 | 24 \n[7047473](<http://www.ibm.com/support/docview.wss?uid=swg27047473>) | [Open Mic Webcast: Why you need to use Automated Service and Support on the XGS - 25 February 2016 [Includes link to replay] [Presentation slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27047473>) | 2018-02-15 | 25 \n[7050149](<http://www.ibm.com/support/docview.wss?uid=swg27050149>) | [IBM Infrastructure Security Support July 2017 Newsletter ](<http://www.ibm.com/support/docview.wss?uid=swg27050149>) | 2017-08-24 | 26 \n[1675355](<http://www.ibm.com/support/docview.wss?uid=swg21675355>) | [Security Bulletin: IBM Security Network Protection System CPU utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21675355>) | 2018-02-15 | 27 \n[1676875](<http://www.ibm.com/support/docview.wss?uid=swg21676875>) | [Security Bulletin: IBM Security Network Protection is affected by the following IBM\u00c2\u00ae SDK, Java\u00e2\u0084\u00a2 Technology Edition vulnerability (CVE-2014-2414) ](<http://www.ibm.com/support/docview.wss?uid=swg21676875>) | 2018-02-15 | 28 \n[1693657](<http://www.ibm.com/support/docview.wss?uid=swg21693657>) | [Security Bulletin: TLS padding vulnerability affects IBM Security Network Protection (CVE-2014-8730) ](<http://www.ibm.com/support/docview.wss?uid=swg21693657>) | 2018-02-15 | 29 \n[1696265](<http://www.ibm.com/support/docview.wss?uid=swg21696265>) | [Security Bulletin: Multiple vulnerabilities in IBM Security Network Protection (CVE-2014-3567, CVE-2014-4877, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21696265>) | 2018-02-15 | 30 \n[1696521](<http://www.ibm.com/support/docview.wss?uid=swg21696521>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection (CVE-2014-6512, CVE-2014-6457, CVE-2014-6558, CVE-2014-3065) ](<http://www.ibm.com/support/docview.wss?uid=swg21696521>) | 2018-02-15 | 31 \n[1696811](<http://www.ibm.com/support/docview.wss?uid=swg21696811>) | [Security Bulletin: IBM Security Network Protection is affected by a NSS vulnerability (CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21696811>) | 2018-02-15 | 32 \n[1701264](<http://www.ibm.com/support/docview.wss?uid=swg21701264>) | [Security Bulletin: Vulnerability in GSKit affects IBM Security Network Protection (CVE-2015-0138) ](<http://www.ibm.com/support/docview.wss?uid=swg21701264>) | 2018-02-15 | 33 \n[1962064](<http://www.ibm.com/support/docview.wss?uid=swg21962064>) | [Security Bulletin: A vulnerability in GSKit affects IBM Security Network Protection (CVE-2015-1788)](<http://www.ibm.com/support/docview.wss?uid=swg21962064>) | 2018-02-15 | 34 \n[1963297](<http://www.ibm.com/support/docview.wss?uid=swg21963297>) | [Security Bulletin: A vulnerability in GNU glibc affects IBM Security Network Protection (CVE-2013-7424) ](<http://www.ibm.com/support/docview.wss?uid=swg21963297>) | 2017-04-14 | 35 \n[2011740](<http://www.ibm.com/support/docview.wss?uid=swg22011740>) | [Security Bulletin: IBM QRadar Network Security is affected by a denial of service vulnerability in cURL (CVE-2017-1000257) ](<http://www.ibm.com/support/docview.wss?uid=swg22011740>) | 2018-05-01 | 36 \n[2016575](<http://www.ibm.com/support/docview.wss?uid=swg22016575>) | [Impact of the Japanese era calendar change on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22016575>) | 2018-05-26 | 37 \n \n\\+ Operating system (OS)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1980551](<http://www.ibm.com/support/docview.wss?uid=swg21980551>) | [Interpreting LEEF formatting in syslog events on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21980551>) | 2018-05-01 | 1 \n[1986090](<http://www.ibm.com/support/docview.wss?uid=swg21986090>) | [Warning: \"User allocated memory\" on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21986090>) | 2017-08-24 | 2 \n[1972161](<http://www.ibm.com/support/docview.wss?uid=swg21972161>) | [Allowed Characters for the Security Network Protection admin password](<http://www.ibm.com/support/docview.wss?uid=swg21972161>) | 2017-04-16 | 3 \n[1966576](<http://www.ibm.com/support/docview.wss?uid=swg21966576>) | [High disk usage on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21966576>) | 2018-05-06 | 4 \n[1983875](<http://www.ibm.com/support/docview.wss?uid=swg21983875>) | [MTU as defined on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21983875>) | 2017-08-02 | 5 \n[1698146](<http://www.ibm.com/support/docview.wss?uid=swg21698146>) | [Kernel debug procedures for the XGS appliance](<http://www.ibm.com/support/docview.wss?uid=swg21698146>) | 2017-10-30 | 6 \n[1978425](<http://www.ibm.com/support/docview.wss?uid=swg21978425>) | [Unable to SSH in to the Securty Network Protection (XGS) with error: failed to start sshd ](<http://www.ibm.com/support/docview.wss?uid=swg21978425>) | 2018-05-01 | 7 \n[1705154](<http://www.ibm.com/support/docview.wss?uid=swg21705154>) | [IBM Security Network Protection (XGS) firmware 5.3 \"Kernel Soft Lockup\"](<http://www.ibm.com/support/docview.wss?uid=swg21705154>) | 2018-05-06 | 8 \n[1996695](<http://www.ibm.com/support/docview.wss?uid=swg21996695>) | [Error: \"Allocated user memory\" in SiteProtector for Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21996695>) | 2018-05-23 | 9 \n[1959380](<http://www.ibm.com/support/docview.wss?uid=swg21959380>) | [CVE-2002-0510 vulnerability on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21959380>) | 2017-09-04 | 10 \n[1599917](<http://www.ibm.com/support/docview.wss?uid=swg21599917>) | [Changing Time Settings Causes Gaps or Missing Data in Statistics Display](<http://www.ibm.com/support/docview.wss?uid=swg21599917>) | 2017-04-14 | 11 \n \n\\+ Performance\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1968189](<http://www.ibm.com/support/docview.wss?uid=swg21968189>) | [Security Network Protection (XGS) SensorStatistics](<http://www.ibm.com/support/docview.wss?uid=swg21968189>) | 2018-05-01 | 1 \n[1701480](<http://www.ibm.com/support/docview.wss?uid=swg21701480>) | [Network Interface Module (NIM) ports perform better than built-in gigabit ports on XGS 5100 sensors](<http://www.ibm.com/support/docview.wss?uid=swg21701480>) | 2018-05-01 | 2 \n[1959239](<http://www.ibm.com/support/docview.wss?uid=swg21959239>) | [Packet delay or loss while making changes to XGS policies](<http://www.ibm.com/support/docview.wss?uid=swg21959239>) | 2017-04-14 | 3 \n[1902773](<http://www.ibm.com/support/docview.wss?uid=swg21902773>) | [Policy migration limitations and facts to consider](<http://www.ibm.com/support/docview.wss?uid=swg21902773>) | 2018-05-01 | 4 \n[1667527](<http://www.ibm.com/support/docview.wss?uid=swg21667527>) | [Session ID Resumption and SSL decryption](<http://www.ibm.com/support/docview.wss?uid=swg21667527>) | 2018-05-01 | 5 \n[1683772](<http://www.ibm.com/support/docview.wss?uid=swg21683772>) | [Experiencing latency while using the Security Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21683772>) | 2018-05-01 | 6 \n[1903622](<http://www.ibm.com/support/docview.wss?uid=swg21903622>) | [Security Network Protection (XGS) email alerts do not include hostname or IP address of the reporting appliance](<http://www.ibm.com/support/docview.wss?uid=swg21903622>) | 2018-05-01 | 7 \n[1698814](<http://www.ibm.com/support/docview.wss?uid=swg21698814>) | [Forced speed/duplex interface settings not working with XGS Firmware 5.3](<http://www.ibm.com/support/docview.wss?uid=swg21698814>) | 2017-04-14 | 8 \n[1987354](<http://www.ibm.com/support/docview.wss?uid=swg21987354>) | [IBM QRadar Network Security (IQNS) no System Alerts seen in System Events](<http://www.ibm.com/support/docview.wss?uid=swg21987354>) | 2018-05-01 | 9 \n[1962510](<http://www.ibm.com/support/docview.wss?uid=swg21962510>) | [\"Timer expiration\" error when deploying a policy change on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21962510>) | 2017-08-24 | 10 \n[1977325](<http://www.ibm.com/support/docview.wss?uid=swg21977325>) | [Storage Limits and Allocation on the IBM Security Network Protection Appliance](<http://www.ibm.com/support/docview.wss?uid=swg21977325>) | 2017-04-14 | 11 \n[1999124](<http://www.ibm.com/support/docview.wss?uid=swg21999124>) | [Asymmetric traffic across NIMs for XGS7100 appliances](<http://www.ibm.com/support/docview.wss?uid=swg21999124>) | 2018-01-01 | 12 \n[1682809](<http://www.ibm.com/support/docview.wss?uid=swg21682809>) | [Unable to deploy policy to IBM QRadar Network Security IQNS (XGS) in SiteProtector.](<http://www.ibm.com/support/docview.wss?uid=swg21682809>) | 2018-05-01 | 13 \n[1667817](<http://www.ibm.com/support/docview.wss?uid=swg21667817>) | [Network Protection (XGS) unable to read or parse EEPROM data from selected slot](<http://www.ibm.com/support/docview.wss?uid=swg21667817>) | 2018-05-01 | 14 \n \n\\+ Protocol Analysis Module (PAM)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1498057](<http://www.ibm.com/support/docview.wss?uid=swg21498057>) | [X-Force Protocol Analysis Module (PAM) signature information](<http://www.ibm.com/support/docview.wss?uid=swg21498057>) | 2018-01-01 | 1 \n[1436125](<http://www.ibm.com/support/docview.wss?uid=swg21436125>) | [Configuring a sensor to ignore or allowlist traffic from certain IP addresses](<http://www.ibm.com/support/docview.wss?uid=swg21436125>) | 2018-05-01 | 2 \n[1973599](<http://www.ibm.com/support/docview.wss?uid=swg21973599>) | [Protection against DoS and DDoS with IBM QRadar Network Security IQNS (XGS) and Network IPS (GX) appliances](<http://www.ibm.com/support/docview.wss?uid=swg21973599>) | 2018-05-01 | 3 \n[1962049](<http://www.ibm.com/support/docview.wss?uid=swg21962049>) | [Information about the coalescer on QRadar Network Security and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21962049>) | 2017-09-26 | 4 \n[1435809](<http://www.ibm.com/support/docview.wss?uid=swg21435809>) | [Some traffic allowed despite a configured Block response on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21435809>) | 2018-05-28 | 5 \n[1987735](<http://www.ibm.com/support/docview.wss?uid=swg21987735>) | [IBM X-Force introduces version scheme change for X-Press Updates (XPU) - June 2017](<http://www.ibm.com/support/docview.wss?uid=swg21987735>) | 2017-08-24 | 6 \n[1965579](<http://www.ibm.com/support/docview.wss?uid=swg21965579>) | [Bypassing inspection on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21965579>) | 2017-10-09 | 7 \n[1986647](<http://www.ibm.com/support/docview.wss?uid=swg21986647>) | [Severity levels for IBM X-Force security signatures](<http://www.ibm.com/support/docview.wss?uid=swg21986647>) | 2018-05-28 | 8 \n[1988495](<http://www.ibm.com/support/docview.wss?uid=swg21988495>) | [Flood protection behavior on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21988495>) | 2017-09-04 | 9 \n[1437359](<http://www.ibm.com/support/docview.wss?uid=swg21437359>) | [IEEE 802.3ad (EtherChannel) support on XGS and GX sensors](<http://www.ibm.com/support/docview.wss?uid=swg21437359>) | 2017-09-11 | 10 \n[1515937](<http://www.ibm.com/support/docview.wss?uid=swg21515937>) | [Two events generated for the same signature (one as Detected and other as Blocked) on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21515937>) | 2017-09-04 | 11 \n[1643272](<http://www.ibm.com/support/docview.wss?uid=swg21643272>) | [How to determine whether there is coverage for a particular CVE](<http://www.ibm.com/support/docview.wss?uid=swg21643272>) | 2017-08-24 | 12 \n[1701441](<http://www.ibm.com/support/docview.wss?uid=swg21701441>) | [X-Force Virtual Patch Protection Levels for QRadar Network Security and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21701441>) | 2018-05-07 | 13 \n[1975854](<http://www.ibm.com/support/docview.wss?uid=swg21975854>) | [PAM reports Akamai's IP instead of the 'True-Client-IP' HTTP header](<http://www.ibm.com/support/docview.wss?uid=swg21975854>) | 2017-08-09 | 14 \n[1962594](<http://www.ibm.com/support/docview.wss?uid=swg21962594>) | [Enabling or disabling inspection of X-Forward headers on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21962594>) | 2017-10-16 | 15 \n[1976382](<http://www.ibm.com/support/docview.wss?uid=swg21976382>) | [Unable to access live.com (Hotmail/Outlook) when Outbound SSL is enabled on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21976382>) | 2018-05-01 | 16 \n[1434828](<http://www.ibm.com/support/docview.wss?uid=swg21434828>) | [False positive on IBM host or network based IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21434828>) | 2017-06-26 | 17 \n[1999450](<http://www.ibm.com/support/docview.wss?uid=swg21999450>) | [Find PAM signature by issue ID on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21999450>) | 2018-05-01 | 18 \n[1683773](<http://www.ibm.com/support/docview.wss?uid=swg21683773>) | [Multiple false positives on Java-based security events on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21683773>) | 2017-09-26 | 19 \n[1624060](<http://www.ibm.com/support/docview.wss?uid=swg21624060>) | [Ignoring vulnerability scanner traffic on the Security Network IPS and Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21624060>) | 2018-05-01 | 20 \n[1468847](<http://www.ibm.com/support/docview.wss?uid=swg21468847>) | [Event and Response Filters with port ranges do not work with TCP_Port_Scan and UDP_Port_Scan](<http://www.ibm.com/support/docview.wss?uid=swg21468847>) | 2018-05-01 | 21 \n[1436031](<http://www.ibm.com/support/docview.wss?uid=swg21436031>) | [Determing the release date and coverage information for an XPU](<http://www.ibm.com/support/docview.wss?uid=swg21436031>) | 2017-04-14 | 22 \n[1643931](<http://www.ibm.com/support/docview.wss?uid=swg21643931>) | [HTTP HEAD and PUT methods not detected (blocked)](<http://www.ibm.com/support/docview.wss?uid=swg21643931>) | 2017-04-14 | 23 \n[1692287](<http://www.ibm.com/support/docview.wss?uid=swg21692287>) | [Signature coverage for SSLv3 (Poodle) on Security Network Protection and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21692287>) | 2017-09-04 | 24 \n[1697527](<http://www.ibm.com/support/docview.wss?uid=swg21697527>) | [Error: \"FNXPM1003E...\" trons interface errors on Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21697527>) | 2017-05-13 | 25 \n[1967067](<http://www.ibm.com/support/docview.wss?uid=swg21967067>) | [Compressed file traffic inspection by QRadar Network Security and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21967067>) | 2017-10-04 | 26 \n[1968099](<http://www.ibm.com/support/docview.wss?uid=swg21968099>) | [SMTP_Command_Binary_Overflow signature can cause a large number of events on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21968099>) | 2017-10-17 | 27 \n[1976381](<http://www.ibm.com/support/docview.wss?uid=swg21976381>) | [Skype traffic not being blocked by Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21976381>) | 2018-05-01 | 28 \n[1996694](<http://www.ibm.com/support/docview.wss?uid=swg21996694>) | [Security Network Protection treatment for \"iv-remote-address\" header information](<http://www.ibm.com/support/docview.wss?uid=swg21996694>) | 2018-05-23 | 29 \n[1435997](<http://www.ibm.com/support/docview.wss?uid=swg21435997>) | [User Defined Event compiler limitations for the Protocol Analysis Module](<http://www.ibm.com/support/docview.wss?uid=swg21435997>) | 2017-04-23 | 30 \n[1626557](<http://www.ibm.com/support/docview.wss?uid=swg21626557>) | [Tuning the DNS_Bind_OPT_DOS signature on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21626557>) | 2017-04-14 | 31 \n[1883737](<http://www.ibm.com/support/docview.wss?uid=swg21883737>) | [Skype UDP traffic is not recognized by the Protocol Analysis Module on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21883737>) | 2017-05-13 | 32 \n[1966581](<http://www.ibm.com/support/docview.wss?uid=swg21966581>) | [Analysis of DECNET traffic on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21966581>) | 2017-10-23 | 33 \n[1968561](<http://www.ibm.com/support/docview.wss?uid=swg21968561>) | [Inspection of duplicate packets by QRadar Network Security sensors with different interface modes](<http://www.ibm.com/support/docview.wss?uid=swg21968561>) | 2017-10-23 | 34 \n[1983891](<http://www.ibm.com/support/docview.wss?uid=swg21983891>) | [TCP_Probe_XXXX events do not fire when TCP_Port_Scan triggers on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21983891>) | 2018-05-28 | 35 \n[1983900](<http://www.ibm.com/support/docview.wss?uid=swg21983900>) | [SNMP_Activity version detection](<http://www.ibm.com/support/docview.wss?uid=swg219